Fix openssl_x509_checkpurpose_basic.phpt

This test fails because san-cert.pem and san-ca.pem have expired. We fix that by using the CertificateGenerator to generate temporary certs during the test run. Since san-cert.pem and san-ca.pem have been identical, we only generate one certificate. Closes GH-7763.
php · Dec 12, 2021 · 98175fc · 98175fc
1 parent f533744
commit 98175fc
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 47 deletions.
diff --git a/ext/openssl/tests/openssl_x509_checkpurpose_basic.phpt b/ext/openssl/tests/openssl_x509_checkpurpose_basic.phpt
@@ -8,10 +8,14 @@ if (OPENSSL_VERSION_NUMBER < 0x10000000) die("skip Output requires OpenSSL 1.0")
 ?>
 --FILE--
 <?php
+include 'CertificateGenerator.inc';
+$certificateGenerator = new CertificateGenerator();
+$certificateGenerator->saveCaCert(__DIR__ . "/san-cert.pem");
+
 $cert = "file://" . __DIR__ . "/cert.crt";
 $bert = "file://" . __DIR__ . "/bug41033.pem";
 $sert = "file://" . __DIR__ . "/san-cert.pem";
-$cpca = __DIR__ . "/san-ca.pem";
+$cpca = __DIR__ . "/san-cert.pem";
 $utfl = __DIR__ . "/sni_server_uk.pem";
 $rcrt = openssl_x509_read($cert);
 
@@ -84,6 +88,10 @@ var_dump(openssl_x509_checkpurpose($sert, X509_PURPOSE_SMIME_ENCRYPT, array($cpc
 var_dump(openssl_x509_checkpurpose($sert, X509_PURPOSE_CRL_SIGN, array($cpca), $utfl));
 var_dump(openssl_x509_checkpurpose($sert, X509_PURPOSE_ANY, array($cpca), $utfl));
 ?>
+--CLEAN--
+<?php
+@unlink(__DIR__ . "/san-cert.pem");
+?>
 --EXPECT--
 bool(false)
 bool(false)

diff --git a/ext/openssl/tests/san-ca.pem b/ext/openssl/tests/san-ca.pem
diff --git a/ext/openssl/tests/san-cert.pem b/ext/openssl/tests/san-cert.pem