ruby-changes:43428
From: rhe <ko1@a...>
Date: Sat, 25 Jun 2016 10:08:24 +0900 (JST)
Subject: [ruby-changes:43428] rhe:r55502 (trunk): openssl: ignore test failure caused by LibreSSL bug
rhe 2016-06-25 10:08:15 +0900 (Sat, 25 Jun 2016) New Revision: 55502 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=55502 Log: openssl: ignore test failure caused by LibreSSL bug * test/openssl/test_ocsp.rb: Ignore errors caused by bugs that exist in LibreSSL >= 2.3.1. Modified files: trunk/ChangeLog trunk/test/openssl/test_ocsp.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 55501) +++ ChangeLog (revision 55502) @@ -1,3 +1,8 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Sat Jun 25 10:07:52 2016 Kazuki Yamaguchi <k@r...> + + * test/openssl/test_ocsp.rb: Ignore errors caused by bugs that exist in + LibreSSL >= 2.3.1. + Sat Jun 25 02:33:33 2016 Nobuyoshi Nakada <nobu@r...> * vm_method.c (vm_respond_to): try method_missing if respond_to? Index: test/openssl/test_ocsp.rb =================================================================== --- test/openssl/test_ocsp.rb (revision 55501) +++ test/openssl/test_ocsp.rb (revision 55502) @@ -140,6 +140,12 @@ class OpenSSL::TestOCSP < OpenSSL::TestC https://github.com/ruby/ruby/blob/trunk/test/openssl/test_ocsp.rb#L140 assert_equal cid.to_der, asn1.value[0].value.find { |a| a.class == OpenSSL::ASN1::Sequence }.value[0].value[0].to_der assert_equal OpenSSL::ASN1.Sequence([@cert2, @ca_cert]).to_der, asn1.value[3].value[0].to_der assert_equal der, OpenSSL::OCSP::BasicResponse.new(der).to_der + rescue TypeError + if /GENERALIZEDTIME/ =~ $!.message + skip "OCSP_basic_sign() is broken" + else + raise + end end def test_basic_response_sign_verify @@ -177,7 +183,7 @@ class OpenSSL::TestOCSP < OpenSSL::TestC https://github.com/ruby/ruby/blob/trunk/test/openssl/test_ocsp.rb#L183 assert_equal OpenSSL::OCSP::V_CERTSTATUS_REVOKED, single.cert_status assert_equal OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, single.revocation_reason assert_equal now - 400, single.revocation_time - assert_equal now - 300, single.this_update + assert (single.this_update - (now - 300)) < 2 assert_equal nil, single.next_update assert_equal [], single.extensions @@ -203,6 +209,12 @@ class OpenSSL::TestOCSP < OpenSSL::TestC https://github.com/ruby/ruby/blob/trunk/test/openssl/test_ocsp.rb#L209 cid2 = OpenSSL::OCSP::CertificateId.new(@cert2, @ca_cert, OpenSSL::Digest::SHA1.new) bres.add_status(cid1, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, -400, -300, -50, []) bres.add_status(cid2, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, -400, -300, nil, []) + bres.add_status(cid2, OpenSSL::OCSP::V_CERTSTATUS_GOOD, nil, nil, Time.now + 100, nil, nil) + + if bres.responses[2].check_validity # thisUpdate is in future; must fail + # LibreSSL bug; skip for now + skip "OCSP_check_validity() is broken" + end single1 = bres.responses[0] assert_equal false, single1.check_validity -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/