diff options
author | Viktor Dukhovni <openssl-users@dukhovni.org> | 2024-04-14 22:04:21 -0400 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-04-18 14:20:54 +0200 |
commit | 1692e0d225a7cf513933c05207ceeace4dc85539 (patch) | |
tree | e35964d44d07dff54ece17829b2756611dba4e9a /test | |
parent | 4174f26141a7db3e29dc1f96bc873d357f6ca824 (diff) | |
download | openssl-1692e0d225a7cf513933c05207ceeace4dc85539.zip openssl-1692e0d225a7cf513933c05207ceeace4dc85539.tar.gz openssl-1692e0d225a7cf513933c05207ceeace4dc85539.tar.bz2 |
Fix fragile explicit cert date tests.
The tests used localtime to format "today's" date, but then extracted a
GMT date from the cert. The comparison breaks when run late in the
evening west of UTC, or early in the AM hours east of UTC.
Also took care of case when test runs at stroke of midnight, by
accepting either the "today" before the cert creation, or the
"today" after, should they be different.
Fixes fragile tests in #21716
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24139)
Diffstat (limited to 'test')
-rw-r--r-- | test/recipes/25-test_req.t | 7 | ||||
-rw-r--r-- | test/recipes/25-test_x509.t | 20 |
2 files changed, 15 insertions, 12 deletions
diff --git a/test/recipes/25-test_req.t b/test/recipes/25-test_req.t index f68f443..872ed31 100644 --- a/test/recipes/25-test_req.t +++ b/test/recipes/25-test_req.t @@ -609,7 +609,7 @@ ok(run(app(["openssl", "x509", "-in", "testreq-cert.pem", "-noout", "-text"])), "cert verification"); # Generate cert with explicit start and end dates -my $today = strftime("%Y-%m-%d", localtime); +my %today = (strftime("%Y-%m-%d", gmtime) => 1); my $cert = "self-signed_explicit_date.pem"; ok(run(app(["openssl", "req", "-x509", "-new", "-text", "-config", srctop_file('test', 'test.cnf'), @@ -617,5 +617,6 @@ ok(run(app(["openssl", "req", "-x509", "-new", "-text", "-not_before", "today", "-not_after", "today", "-out", $cert])) -&& get_not_before_date($cert) eq $today -&& get_not_after_date($cert) eq $today, "explicit start and end dates"); +&& ++$today{strftime("%Y-%m-%d", gmtime)} +&& (grep { defined $today{$_} } get_not_before_date($cert)) +&& (grep { defined $today{$_} } get_not_after_date($cert)), "explicit start and end dates"); diff --git a/test/recipes/25-test_x509.t b/test/recipes/25-test_x509.t index f2b818b..c727e5c 100644 --- a/test/recipes/25-test_x509.t +++ b/test/recipes/25-test_x509.t @@ -255,16 +255,16 @@ ok(run(app(["openssl", "x509", "-req", "-text", "-CAcreateserial", ok(-e $ca_serial_dot_in_dir); # Tests for explict start and end dates of certificates -my $today; +my %today = (strftime("%Y-%m-%d", gmtime) => 1); my $enddate; -$today = strftime("%Y-%m-%d", localtime); ok(run(app(["openssl", "x509", "-req", "-text", "-key", $b_key, "-not_before", "20231031000000Z", "-not_after", "today", "-in", $b_csr, "-out", $b_cert])) && get_not_before($b_cert) =~ /Oct 31 00:00:00 2023 GMT/ -&& get_not_after_date($b_cert) eq $today); +&& ++$today{strftime("%Y-%m-%d", gmtime)} +&& (grep { defined $today{$_} } get_not_after_date($b_cert))); # explicit start and end dates ok(run(app(["openssl", "x509", "-req", "-text", "-key", $b_key, @@ -275,14 +275,15 @@ ok(run(app(["openssl", "x509", "-req", "-text", && get_not_before($b_cert) =~ /Oct 31 00:00:00 2023 GMT/ && get_not_after($b_cert) =~ /Dec 31 00:00:00 2023 GMT/); # start date today and days -$today = strftime("%Y-%m-%d", localtime); -$enddate = strftime("%Y-%m-%d", localtime(time + 99 * 24 * 60 * 60)); +%today = (strftime("%Y-%m-%d", gmtime) => 1); +$enddate = strftime("%Y-%m-%d", gmtime(time + 99 * 24 * 60 * 60)); ok(run(app(["openssl", "x509", "-req", "-text", "-key", $b_key, "-not_before", "today", "-days", "99", "-in", $b_csr, "-out", $b_cert])) -&& get_not_before_date($b_cert) eq $today +&& ++$today{strftime("%Y-%m-%d", gmtime)} +&& (grep { defined $today{$_} } get_not_before_date($b_cert)) && get_not_after_date($b_cert) eq $enddate); # end date before start date ok(!run(app(["openssl", "x509", "-req", "-text", @@ -291,12 +292,13 @@ ok(!run(app(["openssl", "x509", "-req", "-text", "-not_after", "20231031000000Z", "-in", $b_csr, "-out", $b_cert]))); # default days option -$today = strftime("%Y-%m-%d", localtime); -$enddate = strftime("%Y-%m-%d", localtime(time + 30 * 24 * 60 * 60)); +%today = (strftime("%Y-%m-%d", gmtime) => 1); +$enddate = strftime("%Y-%m-%d", gmtime(time + 30 * 24 * 60 * 60)); ok(run(app(["openssl", "x509", "-req", "-text", "-key", $b_key, "-in", $b_csr, "-out", $b_cert])) -&& get_not_before_date($b_cert) eq $today +&& ++$today{strftime("%Y-%m-%d", gmtime)} +&& (grep { defined $today{$_} } get_not_before_date($b_cert)) && get_not_after_date($b_cert) eq $enddate); SKIP: { |