diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-06-29 22:23:58 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-06-29 22:25:32 +0900 |
commit | 08e1881f5663ceb3527c8953f353dfaef42062fb (patch) | |
tree | 8a463451deb2f751e9e15623800d4fbc17a8b4bd /test/test_ocsp.rb | |
parent | dfed7a990d1f812a8d3efb84e644059c753187cc (diff) | |
parent | 32841963a3828cc40cd17462eae4d7fad96d418b (diff) | |
download | ruby-openssl-08e1881f5663ceb3527c8953f353dfaef42062fb.tar.gz |
Merge changes from Ruby trunk r55457..r55538
* ruby-trunk r55457..r55538: (4 commits)
(r55538) openssl: fix for OpenSSL 1.0.0t
(r55523) * ext/digest/md5/md5ossl.h: Remove excess semicolons. Sup..
(r55503) Refine assertion
(r55502) openssl: ignore test failure caused by LibreSSL bug
Sync-with-trunk: r55538
Diffstat (limited to 'test/test_ocsp.rb')
-rw-r--r-- | test/test_ocsp.rb | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/test/test_ocsp.rb b/test/test_ocsp.rb index f1e34982..10f7c92d 100644 --- a/test/test_ocsp.rb +++ b/test/test_ocsp.rb @@ -140,6 +140,12 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase assert_equal cid.to_der, asn1.value[0].value.find { |a| a.class == OpenSSL::ASN1::Sequence }.value[0].value[0].to_der assert_equal OpenSSL::ASN1.Sequence([@cert2, @ca_cert]).to_der, asn1.value[3].value[0].to_der assert_equal der, OpenSSL::OCSP::BasicResponse.new(der).to_der + rescue TypeError + if /GENERALIZEDTIME/ =~ $!.message + pend "OCSP_basic_sign() is broken" + else + raise + end end def test_basic_response_sign_verify @@ -177,7 +183,7 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase assert_equal OpenSSL::OCSP::V_CERTSTATUS_REVOKED, single.cert_status assert_equal OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, single.revocation_reason assert_equal now - 400, single.revocation_time - assert_equal now - 300, single.this_update + assert_in_delta (now - 301), single.this_update, 1 assert_equal nil, single.next_update assert_equal [], single.extensions @@ -203,6 +209,12 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase cid2 = OpenSSL::OCSP::CertificateId.new(@cert2, @ca_cert, OpenSSL::Digest::SHA1.new) bres.add_status(cid1, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, -400, -300, -50, []) bres.add_status(cid2, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, -400, -300, nil, []) + bres.add_status(cid2, OpenSSL::OCSP::V_CERTSTATUS_GOOD, nil, nil, Time.now + 100, nil, nil) + + if bres.responses[2].check_validity # thisUpdate is in future; must fail + # LibreSSL bug; skip for now + pend "OCSP_check_validity() is broken" + end single1 = bres.responses[0] assert_equal false, single1.check_validity |