aboutsummaryrefslogtreecommitdiffstats
path: root/test/test_pkcs7.rb
Commit message (Collapse)AuthorAgeFilesLines
* Backport "Merge branch 'topic/test-memory-leak'" to maintKazuki Yamaguchi2017-08-241-6/+2
| | | | | | | | | | | | | | * topic/test-memory-leak: Enable OSSL_MDEBUG on CI builds Add OpenSSL.print_mem_leaks test: prepare test PKey instances on demand test: let OpenSSL::TestCase include OpenSSL::TestUtils Don't define main() when built with --enable-debug (cherry picked from commit 5c586acc387834ab4e09260937dc21064fc59de4) Note that fix for new test cases that use the old constants removed by this is squashed in.
* Fix typosSHIBATA Hiroshi2017-02-141-1/+1
|
* test: call super from each test case's 'setup' methodKazuki Yamaguchi2016-12-051-0/+1
| | | | | | Just like we already do for 'teardown' method, though we don't have OpenSSL::TestCase#setup yet. This will be useful when we want to inject GC.stress = true.
* test: fix fragile test casesKazuki Yamaguchi2016-11-301-7/+3
| | | | | | | | | | | | | | | | | | | Fix the fragile test cases that are sensitive to the difference between Time.now.to_i and time(2). When issuing test certificates, we are typically setting the current time fetched by Time.now to the notBefore field. Time.now uses clock_gettime(2) with CLOCK_REALTIME. On the other hand, OpenSSL uses time(2) in its certificate verification code. On Linux/x86-64, time(2) is implemented not to return the adjusted 'current time' like Time.now, but to return the wall clock seconds at the last tick. This results in that time(2) called later may return an earlier time, causing the certificate verification to fail with 'certificate is not yet valid' error. So, create test certificates with notBefore<Time.now to avoid this. Since it's awful to do "Time.now - 1" everywhere, make the notBefore and notAfter fields optional with defaults with margin.
* openssl: drop OpenSSL 0.9.6/0.9.7 supportrhe2016-05-311-6/+0
| | | | | | * ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: clear OpenSSL error queue before return to Rubyrhe2016-05-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify() family may put errors on 0 return (0 means verification failure). Clear OpenSSL error queue before return to Ruby. Since the queue is thread global, remaining errors in the queue can cause an unexpected error in the next OpenSSL operation. [ruby-core:48284] [Bug #7215] * ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto. * ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto. * ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto. * ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error queue before re-raising exception. * ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto. * ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto. * ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto. * test/openssl: check that OpenSSL.errors is empty every time after running a test case. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55051 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Sync trunkZachary Scott2016-02-021-0/+1
|
* Sync tests with trunkZachary Scott2015-01-061-1/+1
|
* import ruby trunkSHIBATA Hiroshi2014-10-271-0/+297
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-01 21:24:30 +0000