Mirror
/
cpython
mirror of https://github.com/python/cpython
4
1
Fork 0
Code Issues Releases Wiki Activity

gh-107562: make_ssl_certs.py: produce test certificates that expire far in the future by default (GH-107594) 

This allows testing Y2038 with system time set to after that,
so that actual Y2038 issues can be exposed, and not masked
by expired certificate errors.

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
This commit is contained in:
Alexander Kanavin 2024-10-09 11:16:08 +02:00 committed by GitHub
parent 21c04e1a97
commit 53930cbe47
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Lib/test/certdata/make_ssl_certs.py
View File

@ -9,8 +9,8 @@ import tempfile
from subprocess import *
startdate = "20180829142316Z"
enddate_default = "20371028142316Z"
days_default = "7000"
enddate_default = "25251028142316Z"
days_default = "140000"
req_template = """
[ default ]

1
Lib/test/test_ssl.py
View File

@ -383,6 +383,7 @@ class BasicSocketTests(unittest.TestCase):
ssl.RAND_add(bytearray(b"this is a random bytearray object"), 75.0)
def test_parse_cert(self):
self.maxDiff = None
# note that this uses an 'unofficial' function in _ssl.c,
# provided solely for this test, to exercise the certificate
# parsing code

3
Misc/NEWS.d/next/Tests/2023-08-03-17-26-55.gh-issue-107562.ZnbscS.rst Normal file
View File

@ -0,0 +1,3 @@
Test certificates have been updated to expire far in the future. This allows
testing Y2038 with system time set to after that, so that actual Y2038
issues can be exposed, and not masked by expired certificate errors.