From 663a7488cee42453219f81cf56ff0652959815bb Mon Sep 17 00:00:00 2001 From: naruse Date: Sun, 28 Feb 2010 02:47:19 +0000 Subject: * test/openssl/{test_x509cert.rb,openssl,test_x509crl.rb, test_x509req.rb}: fix false positive tests because of OpenSSL spec change. patched by originally Hongli Lai [ruby-core:27417], and fixed by Motohiro KOSAKI [ruby-core:28063] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26780 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- test/openssl/test_x509cert.rb | 23 ++++++++++++++++------- test/openssl/test_x509crl.rb | 16 ++++++++++++---- test/openssl/test_x509req.rb | 20 ++++++++++++++------ 3 files changed, 42 insertions(+), 17 deletions(-) (limited to 'test/openssl') diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb index 1d00f9c18c..48bab1715a 100644 --- a/test/openssl/test_x509cert.rb +++ b/test/openssl/test_x509cert.rb @@ -134,24 +134,25 @@ class OpenSSL::TestX509Certificate < Test::Unit::TestCase nil, nil, OpenSSL::Digest::SHA1.new) assert_equal(false, cert.verify(@rsa1024)) assert_equal(true, cert.verify(@rsa2048)) - assert_equal(false, cert.verify(@dsa256)) - assert_equal(false, cert.verify(@dsa512)) + assert_equal(false, certificate_error_returns_false { cert.verify(@dsa256) }) + assert_equal(false, certificate_error_returns_false { cert.verify(@dsa512) }) cert.serial = 2 assert_equal(false, cert.verify(@rsa2048)) cert = issue_cert(@ca, @rsa2048, 1, Time.now, Time.now+3600, [], nil, nil, OpenSSL::Digest::MD5.new) assert_equal(false, cert.verify(@rsa1024)) - assert_equal(true, cert.verify(@rsa2048)) - assert_equal(false, cert.verify(@dsa256)) - assert_equal(false, cert.verify(@dsa512)) + assert_equal(true, cert.verify(@rsa2048)) + + assert_equal(false, certificate_error_returns_false { cert.verify(@dsa256) }) + assert_equal(false, certificate_error_returns_false { cert.verify(@dsa512) }) cert.subject = @ee1 assert_equal(false, cert.verify(@rsa2048)) cert = issue_cert(@ca, @dsa512, 1, Time.now, Time.now+3600, [], nil, nil, OpenSSL::Digest::DSS1.new) - assert_equal(false, cert.verify(@rsa1024)) - assert_equal(false, cert.verify(@rsa2048)) + assert_equal(false, certificate_error_returns_false { cert.verify(@rsa1024) }) + assert_equal(false, certificate_error_returns_false { cert.verify(@rsa2048) }) assert_equal(false, cert.verify(@dsa256)) assert_equal(true, cert.verify(@dsa512)) cert.not_after = Time.now @@ -166,6 +167,14 @@ class OpenSSL::TestX509Certificate < Test::Unit::TestCase nil, nil, OpenSSL::Digest::MD5.new) } end + + private + + def certificate_error_returns_false + yield + rescue OpenSSL::X509::CertificateError + false + end end end diff --git a/test/openssl/test_x509crl.rb b/test/openssl/test_x509crl.rb index 5a12c299a2..61a8de5723 100644 --- a/test/openssl/test_x509crl.rb +++ b/test/openssl/test_x509crl.rb @@ -197,8 +197,8 @@ class OpenSSL::TestX509CRL < Test::Unit::TestCase cert, @rsa2048, OpenSSL::Digest::SHA1.new) assert_equal(false, crl.verify(@rsa1024)) assert_equal(true, crl.verify(@rsa2048)) - assert_equal(false, crl.verify(@dsa256)) - assert_equal(false, crl.verify(@dsa512)) + assert_equal(false, crl_error_returns_false { crl.verify(@dsa256) }) + assert_equal(false, crl_error_returns_false { crl.verify(@dsa512) }) crl.version = 0 assert_equal(false, crl.verify(@rsa2048)) @@ -206,13 +206,21 @@ class OpenSSL::TestX509CRL < Test::Unit::TestCase nil, nil, OpenSSL::Digest::DSS1.new) crl = issue_crl([], 1, Time.now, Time.now+1600, [], cert, @dsa512, OpenSSL::Digest::DSS1.new) - assert_equal(false, crl.verify(@rsa1024)) - assert_equal(false, crl.verify(@rsa2048)) + assert_equal(false, crl_error_returns_false { crl.verify(@rsa1024) }) + assert_equal(false, crl_error_returns_false { crl.verify(@rsa2048) }) assert_equal(false, crl.verify(@dsa256)) assert_equal(true, crl.verify(@dsa512)) crl.version = 0 assert_equal(false, crl.verify(@dsa512)) end + + private + + def crl_error_returns_false + yield + rescue OpenSSL::X509::CRLError + false + end end end diff --git a/test/openssl/test_x509req.rb b/test/openssl/test_x509req.rb index 2da90c4c96..f53408f696 100644 --- a/test/openssl/test_x509req.rb +++ b/test/openssl/test_x509req.rb @@ -107,22 +107,22 @@ class OpenSSL::TestX509Request < Test::Unit::TestCase req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::SHA1.new) assert_equal(true, req.verify(@rsa1024)) assert_equal(false, req.verify(@rsa2048)) - assert_equal(false, req.verify(@dsa256)) - assert_equal(false, req.verify(@dsa512)) + assert_equal(false, request_error_returns_false { req.verify(@dsa256) }) + assert_equal(false, request_error_returns_false { req.verify(@dsa512) }) req.version = 1 assert_equal(false, req.verify(@rsa1024)) req = issue_csr(0, @dn, @rsa2048, OpenSSL::Digest::MD5.new) assert_equal(false, req.verify(@rsa1024)) assert_equal(true, req.verify(@rsa2048)) - assert_equal(false, req.verify(@dsa256)) - assert_equal(false, req.verify(@dsa512)) + assert_equal(false, request_error_returns_false { req.verify(@dsa256) }) + assert_equal(false, request_error_returns_false { req.verify(@dsa512) }) req.subject = OpenSSL::X509::Name.parse("/C=JP/CN=FooBar") assert_equal(false, req.verify(@rsa2048)) req = issue_csr(0, @dn, @dsa512, OpenSSL::Digest::DSS1.new) - assert_equal(false, req.verify(@rsa1024)) - assert_equal(false, req.verify(@rsa2048)) + assert_equal(false, request_error_returns_false { req.verify(@rsa1024) }) + assert_equal(false, request_error_returns_false { req.verify(@rsa2048) }) assert_equal(false, req.verify(@dsa256)) assert_equal(true, req.verify(@dsa512)) req.public_key = @rsa1024.public_key @@ -133,6 +133,14 @@ class OpenSSL::TestX509Request < Test::Unit::TestCase assert_raise(OpenSSL::X509::RequestError){ issue_csr(0, @dn, @dsa512, OpenSSL::Digest::MD5.new) } end + + private + + def request_error_returns_false + yield + rescue OpenSSL::X509::RequestError + false + end end end -- cgit v1.2.3