Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make tests pass after 2019 #828

Closed
wants to merge 4 commits into from
Closed

Make tests pass after 2019 #828

wants to merge 4 commits into from

Conversation

bmwiedemann
Copy link

@bmwiedemann bmwiedemann commented Apr 12, 2019
edited

Without this patch, TestX509StoreContext.test_valid and 5 other tests
would fail after 2020-01-01

Fixes #735

This PR was done while working on reproducible builds for openSUSE.

Without the later commits, tests were failing in 2037 from pem files embedded in tests/test_crypto.py
as can be seen by pasting them into openssl x509 -text | grep Not.After

intermediate_cert_pem:         Not After : Aug 25 02:04:08 2024 GMT
intermediate_server_cert_pem:  Not After : Aug 25 02:10:48 2024 GMT
root_cert_pem:                 Not After : Jun  6 22:32:59 2037 GMT
server_cert_pem:               Not After : Jun  7 00:10:57 2037 GMT

@bmwiedemann
Copy link
Author

bmwiedemann commented Apr 12, 2019
edited

Added commits to make tests pass in 2037.
Also tested that it passes on i586 both today and in 2037

@bmwiedemann
Make tests pass after 2019
0d2fd1a 
Without this patch, TestX509StoreContext.test_valid and 5 other tests
would fail after 2020-01-01

Fixes pyca#735

This PR was done while working on reproducible builds for openSUSE.
@bmwiedemann
Add test keys as files
d08a742 
coming from tests/test_crypto.py
@bmwiedemann
Copy link
Author

Why is there always some unrelated travis check failing? How is someone supposed to get anything done in such an environment?

@reaperhulk
Copy link
Member

pyOpenSSL is a widely used project and as such it has some downstream tests for prominent packages to make sure changes do not break them. urllib3 is one such package. Unfortunately, its test suite is somewhat flaky, but we have judged the value of keeping it in the test suite to be higher than the cost. Repository owners can trigger retries but PR authors can also push empty commits to cause it to rebuild in the case of flakiness like that. I restarted the job and it passed, so there you go.

Of course, your change fails the check-manifest job for legitimate reasons which you should look into.

@bmwiedemann
Support creating test certs
60b9e10 
The 6840 in Makefile is due to some y2038 bug - should have been 363000
but one test failed then:

         with pytest.raises(X509StoreContextError) as exc:
             store_ctx.verify_certificate()

 >       assert exc.value.args[0][2] == 'certificate has expired'
 E       AssertionError: assert 'format error...tBefore field' == 'certi
as expired'
 E         - format error in certificate's notBefore field
 E         + certificate has expired

 tests/test_crypto.py:3572: AssertionError
@bmwiedemann
Copy link
Author

Thanks for the hint. The manifest problem was not so obvious (I do not do that much python). Pushed a fix and it looks greener now.

@bmwiedemann
Copy link
Author

ping

@bmwiedemann
Copy link
Author

2020 is getting closer and I would still like to see this merged. Or is there anything else that needs improvement?

@dtzWill
Copy link

dtzWill commented Jan 1, 2020

Well, thanks for this PR/patch! Fixes tests that started failing now that it's 2020 :).

@alex
Copy link
Member

alex commented Jan 1, 2020

Just want to note that we're not ignoring this intentionally.... we're just very bad and unmotivated with respect to pyOpenSSL.

gilligan added a commit to standard-ai/nixpkgs-tensorflow-rust that referenced this pull request Jan 16, 2020
@gilligan
pyOpenSSL: Fix certifacte bug
8ef7de2 
See pyca/pyopenssl#828
gilligan added a commit to standard-ai/nixpkgs-tensorflow-rust that referenced this pull request Jan 16, 2020
@gilligan
pyOpenSSL: Fix certifacte bug
0c66a6d 
See pyca/pyopenssl#828
@alex
Copy link
Member

alex commented Apr 8, 2020

It's 2020, tests are passing, can we declare this complete?

@bmwiedemann
Copy link
Author

OK, it seems, @alex fixed it in 675534c for #888

@bmwiedemann bmwiedemann closed this Apr 8, 2020
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 15, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

certificate verify fails in 2020-01-01
4 participants
@bmwiedemann @reaperhulk @dtzWill @alex