diff options
| author | beck <> | 2020-09-14 09:59:58 +0000 |
|---|---|---|
| committer | beck <> | 2020-09-14 09:59:58 +0000 |
| commit | e63040cfdceb3f5aeabf1007d4cd8f6cb7c4c761 (patch) | |
| tree | 1cd32ded895dd6c2244b8e10679bd18ba8667e8f /src/regress/lib | |
| parent | 37c92b573ed30b6261d61768c7e84e8ad461c2bc (diff) | |
| download | openbsd-e63040cfdceb3f5aeabf1007d4cd8f6cb7c4c761.tar.gz openbsd-e63040cfdceb3f5aeabf1007d4cd8f6cb7c4c761.tar.bz2 openbsd-e63040cfdceb3f5aeabf1007d4cd8f6cb7c4c761.zip | |
Use a fixed validation time in these tests so we never
have to re-generate these certificates and this should
just keep working even if the certs get old
Diffstat (limited to 'src/regress/lib')
| -rw-r--r-- | src/regress/lib/libcrypto/x509/bettertls/verify.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/regress/lib/libcrypto/x509/bettertls/verify.c b/src/regress/lib/libcrypto/x509/bettertls/verify.c index c23e8a2db9..efa531b620 100644 --- a/src/regress/lib/libcrypto/x509/bettertls/verify.c +++ b/src/regress/lib/libcrypto/x509/bettertls/verify.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: verify.c,v 1.2 2020/07/15 03:44:42 beck Exp $ */ | 1 | /* $OpenBSD: verify.c,v 1.3 2020/09/14 09:59:58 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -139,6 +139,7 @@ verify_cert(const char *roots_file, const char *bundle_file, | |||
| 139 | 139 | ||
| 140 | unsigned long flags = X509_VERIFY_PARAM_get_flags(xsc->param); | 140 | unsigned long flags = X509_VERIFY_PARAM_get_flags(xsc->param); |
| 141 | X509_VERIFY_PARAM_set_flags(xsc->param, flags); | 141 | X509_VERIFY_PARAM_set_flags(xsc->param, flags); |
| 142 | X509_VERIFY_PARAM_set_time(xsc->param, 1600000000); | ||
| 142 | X509_VERIFY_PARAM_set1_host(xsc->param,"localhost.local", strlen("localhost.local")); | 143 | X509_VERIFY_PARAM_set1_host(xsc->param,"localhost.local", strlen("localhost.local")); |
| 143 | 144 | ||
| 144 | X509_STORE_CTX_set0_trusted_stack(xsc, roots); | 145 | X509_STORE_CTX_set0_trusted_stack(xsc, roots); |
| @@ -164,6 +165,7 @@ verify_cert(const char *roots_file, const char *bundle_file, | |||
| 164 | 165 | ||
| 165 | unsigned long flagsip = X509_VERIFY_PARAM_get_flags(xscip->param); | 166 | unsigned long flagsip = X509_VERIFY_PARAM_get_flags(xscip->param); |
| 166 | X509_VERIFY_PARAM_set_flags(xscip->param, flagsip); | 167 | X509_VERIFY_PARAM_set_flags(xscip->param, flagsip); |
| 168 | X509_VERIFY_PARAM_set_time(xscip->param, 1600000000); | ||
| 167 | X509_VERIFY_PARAM_set1_ip_asc(xscip->param,"127.0.0.1"); | 169 | X509_VERIFY_PARAM_set1_ip_asc(xscip->param,"127.0.0.1"); |
| 168 | 170 | ||
| 169 | X509_STORE_CTX_set0_trusted_stack(xscip, roots); | 171 | X509_STORE_CTX_set0_trusted_stack(xscip, roots); |
| @@ -228,7 +230,7 @@ main(int argc, char **argv) | |||
| 228 | } | 230 | } |
| 229 | if (json) | 231 | if (json) |
| 230 | fprintf(stdout, "{\"testVersion\":1,\"date\":%lld,\"userAgent\"" | 232 | fprintf(stdout, "{\"testVersion\":1,\"date\":%lld,\"userAgent\"" |
| 231 | ":\"LibreSSL OpenBSD 6.7\\n\",\"results\":[", time(NULL)); | 233 | ":\"LibreSSL OpenBSD 6.8\\n\",\"results\":[", time(NULL)); |
| 232 | 234 | ||
| 233 | bettertls_cert_test(argv[1]); | 235 | bettertls_cert_test(argv[1]); |
| 234 | 236 | ||