diff options
| author | Andreas Metzler <ametzler@bebt.de> | 2023-02-28 18:49:56 +0100 |
|---|---|---|
| committer | Andreas Metzler <ametzler@bebt.de> | 2023-04-04 17:56:05 +0200 |
| commit | 31ece95986d2735421f3461b447acf2755c59838 (patch) | |
| tree | 6a55dde051a88f88083aabbc9cc00a5ea1fa37f4 | |
| parent | b9196b7b7bc5f65abe454a586ffdeabd826eb3d1 (diff) | |
| download | gnutls-31ece95986d2735421f3461b447acf2755c59838.tar.gz | |
Change timestamp format for faketime compatibility.
Change all timestamps passed to "datefudge -s" to "YYYY-MM-DD hh:mm:ss"
format for compatibility with faketime -f ("Freeze clock" advanced format)
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
31 files changed, 88 insertions, 88 deletions
diff --git a/tests/cert-reencoding.sh b/tests/cert-reencoding.sh index d8e8eabbc4..50d62d3bcb 100755 --- a/tests/cert-reencoding.sh +++ b/tests/cert-reencoding.sh @@ -238,7 +238,7 @@ _EOF echo "=== Bringing TLS server up ===" -TESTDATE="2018-03-01" +TESTDATE="2018-03-01 00:00:00" # Start OpenSSL TLS server # diff --git a/tests/cert-tests/alt-chain.sh b/tests/cert-tests/alt-chain.sh index b7490b8f63..564e614604 100755 --- a/tests/cert-tests/alt-chain.sh +++ b/tests/cert-tests/alt-chain.sh @@ -41,7 +41,7 @@ OLD_CA_FILE="${srcdir}/data/alt-chain-old-ca.pem" NEW_CA_FILE="${srcdir}/data/alt-chain-new-ca.pem" echo "" -datefudge -s "2017-5-10" \ +datefudge -s "2017-05-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --load-ca-certificate ${OLD_CA_FILE} --verify-hostname www.google.com --verify --infile "${srcdir}/data/alt-chain.pem" >${OUTFILE} rc=$? @@ -52,7 +52,7 @@ if test "${rc}" != "1"; then fi echo "" -datefudge -s "2017-5-10" \ +datefudge -s "2017-05-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --load-ca-certificate ${NEW_CA_FILE} --verify-hostname www.google.com --verify --infile "${srcdir}/data/alt-chain.pem" >${OUTFILE} rc=$? diff --git a/tests/cert-tests/cert-non-digits-time.sh b/tests/cert-tests/cert-non-digits-time.sh index 16d5448972..e21e638637 100755 --- a/tests/cert-tests/cert-non-digits-time.sh +++ b/tests/cert-tests/cert-non-digits-time.sh @@ -34,7 +34,7 @@ fi skip_if_no_datefudge # Check whether certificates with non-digits time fields are accepted -datefudge -s "2019-12-19" \ +datefudge -s "2019-12-19 00:00:00" \ ${VALGRIND}"${CERTTOOL}" --verify --load-ca-certificate "${srcdir}/data/cert-with-non-digits-time-ca.pem" --infile "${srcdir}/data/cert-with-non-digits-time.pem" rc=$? diff --git a/tests/cert-tests/certtool-verify-profiles.sh b/tests/cert-tests/certtool-verify-profiles.sh index f4c23e6431..91ef81c91e 100755 --- a/tests/cert-tests/certtool-verify-profiles.sh +++ b/tests/cert-tests/certtool-verify-profiles.sh @@ -38,7 +38,7 @@ OUTFILE=out-pkcs7.$$.tmp skip_if_no_datefudge echo "Checking chain with insecure leaf" -datefudge -s "2019-12-19" \ +datefudge -s "2019-12-19 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-chain --verify-profile=medium --infile "${srcdir}/data/chain-512-leaf.pem" >${OUTFILE} rc=$? @@ -49,7 +49,7 @@ if test "${rc}" != "1"; then fi echo "Checking chain with insecure subca" -datefudge -s "2019-12-19" \ +datefudge -s "2019-12-19 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-chain --verify-profile=medium --infile "${srcdir}/data/chain-512-subca.pem" >${OUTFILE} rc=$? @@ -61,7 +61,7 @@ fi echo "Checking chain with insecure ca" -datefudge -s "2019-12-19" \ +datefudge -s "2019-12-19 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-chain --verify-profile=medium --infile "${srcdir}/data/chain-512-ca.pem" >${OUTFILE} rc=$? diff --git a/tests/cert-tests/crq.sh b/tests/cert-tests/crq.sh index 21044cfa3f..7533168908 100755 --- a/tests/cert-tests/crq.sh +++ b/tests/cert-tests/crq.sh @@ -59,7 +59,7 @@ fi rm -f "${OUTFILE}" # check whether the honor_crq_extension option works -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-request \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-tlsfeature.tmpl" \ @@ -78,7 +78,7 @@ if grep -v '^-----BEGIN [A-Z0-9 ]\+-----$' ${TMPFILE} | grep -v '^[A-Za-z0-9/+=] exit 1 fi -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-certificate \ --load-ca-privkey "${srcdir}/data/template-test.key" \ --load-ca-certificate "${srcdir}/data/template-tlsfeature.pem" \ @@ -131,7 +131,7 @@ N __EOF__ setsid \ -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" -q \ --load-privkey "${srcdir}/data/template-test.key" \ --outfile "${OUTFILE}" <$TMPFILE 2>/dev/null @@ -147,7 +147,7 @@ if test "${rc}" != "0"; then fi # check whether the generation with extension works -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-request \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/arb-extensions.tmpl" \ @@ -168,7 +168,7 @@ if test "${rc}" != "0"; then fi # Generate certificate from CRQ with no explicit extensions -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-certificate \ --load-ca-privkey "${srcdir}/../../doc/credentials/x509/ca-key.pem" \ --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" \ @@ -191,7 +191,7 @@ if test "${rc}" != "0"; then fi # Generate certificate from CRQ with CRQ extensions -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-certificate \ --load-ca-privkey "${srcdir}/../../doc/credentials/x509/ca-key.pem" \ --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" \ @@ -214,7 +214,7 @@ if test "${rc}" != "0"; then fi # Generate certificate from CRQ with explicit extensions -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-certificate \ --load-ca-privkey "${srcdir}/../../doc/credentials/x509/ca-key.pem" \ --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" \ diff --git a/tests/cert-tests/inhibit-anypolicy.sh b/tests/cert-tests/inhibit-anypolicy.sh index 7623f7c0ac..1df91c00e9 100755 --- a/tests/cert-tests/inhibit-anypolicy.sh +++ b/tests/cert-tests/inhibit-anypolicy.sh @@ -37,7 +37,7 @@ SUBCAFILE=inhibit-subca.$$.tmp skip_if_no_datefudge -datefudge -s "2017-04-22" \ +datefudge -s "2017-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/key-ca.pem" \ --template "${srcdir}/templates/inhibit-anypolicy.tmpl" \ @@ -56,7 +56,7 @@ fi echo ca > $TEMPLFILE echo "cn = sub-CA" >> $TEMPLFILE -datefudge -s "2017-04-23" \ +datefudge -s "2017-04-23 00:00:00" \ "${CERTTOOL}" -d 2 --generate-certificate --template $TEMPLFILE \ --load-ca-privkey "${srcdir}/data/key-ca.pem" \ --load-ca-certificate $CAFILE \ @@ -71,7 +71,7 @@ fi cat $SUBCAFILE $CAFILE > ${TMPFILE} # we do not support the inhibit any policy extension for verification -datefudge -s "2017-04-25" "${CERTTOOL}" --verify-chain --infile ${TMPFILE} +datefudge -s "2017-04-25 00:00:00" "${CERTTOOL}" --verify-chain --infile ${TMPFILE} rc=$? if test "$rc" != "0"; then echo "Verification failed unexpectedly ($rc)" diff --git a/tests/cert-tests/invalid-sig.sh b/tests/cert-tests/invalid-sig.sh index f621614062..1aae3fd40e 100755 --- a/tests/cert-tests/invalid-sig.sh +++ b/tests/cert-tests/invalid-sig.sh @@ -86,7 +86,7 @@ fi if check_for_datefudge; then #this was causing a double free; verify that we receive the expected error code - datefudge -s 2020-01-01 \ + datefudge -s "2020-01-01 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-chain --infile "${srcdir}/data/cve-2019-3829.pem" rc=$? diff --git a/tests/cert-tests/krb5-test.sh b/tests/cert-tests/krb5-test.sh index a4787f6695..ee1af0f2ed 100755 --- a/tests/cert-tests/krb5-test.sh +++ b/tests/cert-tests/krb5-test.sh @@ -44,7 +44,7 @@ fi # time set using datefudge could have changed since the generation # (if example the system was busy) -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-krb5name.tmpl" \ @@ -70,7 +70,7 @@ fi cp "${srcdir}/templates/template-krb5name.tmpl" ${TMPLFILE} echo "krb5_principal = 'xxxxxxxxxxxxxx'" >>${TMPLFILE} -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template ${TMPLFILE} \ @@ -87,7 +87,7 @@ fi cp "${srcdir}/templates/template-krb5name.tmpl" ${TMPLFILE} echo "krb5_principal = 'comp1/comp2/comp3/comp4/comp5/comp6/comp7/comp8/comp9/comp10@REALM.COM'" >>${TMPLFILE} -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template ${TMPLFILE} \ diff --git a/tests/cert-tests/md5-test.sh b/tests/cert-tests/md5-test.sh index 4cea9e8e4c..d8c830f65c 100755 --- a/tests/cert-tests/md5-test.sh +++ b/tests/cert-tests/md5-test.sh @@ -37,7 +37,7 @@ skip_if_no_datefudge # Test MD5 signatures -datefudge -s "2016-04-15" \ +datefudge -s "2016-04-15 00:00:00" \ "${CERTTOOL}" --verify-chain --infile "${srcdir}/data/chain-md5.pem" >/dev/null 2>&1 rc=$? if test "${rc}" != "1"; then @@ -45,7 +45,7 @@ if test "${rc}" != "1"; then exit ${rc} fi -datefudge -s "2016-04-15" \ +datefudge -s "2016-04-15 00:00:00" \ "${CERTTOOL}" --verify-allow-broken --verify-chain --infile "${srcdir}/data/chain-md5.pem" >/dev/null 2>&1 rc=$? if test "${rc}" != "0"; then diff --git a/tests/cert-tests/name-constraints.sh b/tests/cert-tests/name-constraints.sh index aa411d7f6d..be7f9dfc76 100755 --- a/tests/cert-tests/name-constraints.sh +++ b/tests/cert-tests/name-constraints.sh @@ -37,7 +37,7 @@ TMPFILE=constraints.$$.pem.tmp skip_if_no_datefudge -datefudge -s "2016-04-22" \ +datefudge -s "2016-04-22 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-allow-broken -e --infile "${srcdir}/data/name-constraints-ip.pem" rc=$? diff --git a/tests/cert-tests/othername-test.sh b/tests/cert-tests/othername-test.sh index 6d1b697dc3..ce5be4c84b 100755 --- a/tests/cert-tests/othername-test.sh +++ b/tests/cert-tests/othername-test.sh @@ -38,7 +38,7 @@ skip_if_no_datefudge # time set using datefudge could have changed since the generation # (if example the system was busy) -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-othername.tmpl" \ @@ -53,7 +53,7 @@ if test "${rc}" != "0"; then exit ${rc} fi -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-othername-xmpp.tmpl" \ diff --git a/tests/cert-tests/pkcs7-cat.sh b/tests/cert-tests/pkcs7-cat.sh index 8a8681d09f..643b724dee 100755 --- a/tests/cert-tests/pkcs7-cat.sh +++ b/tests/cert-tests/pkcs7-cat.sh @@ -36,7 +36,7 @@ OUTFILE=out-pkcs7.$$.tmp . ${srcdir}/../scripts/common.sh skip_if_no_datefudge -datefudge -s "2016-10-1" \ +datefudge -s "2016-10-01 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-allow-broken --p7-verify --inder --infile "${srcdir}/data/pkcs7-cat.p7" --load-ca-certificate "${srcdir}/data/pkcs7-cat-ca.pem" rc=$? diff --git a/tests/cert-tests/pkcs7-constraints.sh b/tests/cert-tests/pkcs7-constraints.sh index e0606d7082..aef86b553d 100755 --- a/tests/cert-tests/pkcs7-constraints.sh +++ b/tests/cert-tests/pkcs7-constraints.sh @@ -51,7 +51,7 @@ fi FILE="signing-verify-no-purpose" echo "" echo "test: $FILE" -datefudge -s "2015-1-10" \ +datefudge -s "2015-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --p7-verify --load-ca-certificate "${srcdir}/data/code-signing-ca.pem" <"${OUTFILE}" rc=$? @@ -63,7 +63,7 @@ fi FILE="signing-verify-valid-purpose" echo "" echo "test: $FILE" -datefudge -s "2015-1-10" \ +datefudge -s "2015-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-purpose 1.3.6.1.5.5.7.3.3 --p7-verify --load-ca-certificate "${srcdir}/data/code-signing-ca.pem" <"${OUTFILE}" rc=$? @@ -75,7 +75,7 @@ fi FILE="signing-verify-invalid-purpose" echo "" echo "test: $FILE" -datefudge -s "2015-1-10" \ +datefudge -s "2015-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-purpose 1.3.6.1.5.5.7.3.1 --p7-verify --load-ca-certificate "${srcdir}/data/code-signing-ca.pem" <"${OUTFILE}" rc=$? @@ -87,7 +87,7 @@ fi FILE="signing-verify-invalid-date-1" echo "" echo "test: $FILE" -datefudge -s "2011-1-10" \ +datefudge -s "2011-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-purpose 1.3.6.1.5.5.7.3.3 --p7-verify --load-ca-certificate "${srcdir}/data/code-signing-ca.pem" <"${OUTFILE}" rc=$? @@ -99,7 +99,7 @@ fi FILE="signing-verify-invalid-date-2" echo "" echo "test: $FILE" -datefudge -s "2018-1-10" \ +datefudge -s "2018-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-purpose 1.3.6.1.5.5.7.3.3 --p7-verify --load-ca-certificate "${srcdir}/data/code-signing-ca.pem" <"${OUTFILE}" rc=$? diff --git a/tests/cert-tests/pkcs7-constraints2.sh b/tests/cert-tests/pkcs7-constraints2.sh index 7fa333a153..648e95a845 100755 --- a/tests/cert-tests/pkcs7-constraints2.sh +++ b/tests/cert-tests/pkcs7-constraints2.sh @@ -51,7 +51,7 @@ fi FILE="signing-verify-no-purpose" echo "" echo "test: $FILE" -datefudge -s "2015-1-10" \ +datefudge -s "2015-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --p7-verify --load-certificate "${srcdir}/data/code-signing-cert.pem" <"${OUTFILE}" rc=$? @@ -63,7 +63,7 @@ fi FILE="signing-verify-valid-purpose" echo "" echo "test: $FILE" -datefudge -s "2015-1-10" \ +datefudge -s "2015-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-purpose 1.3.6.1.5.5.7.3.3 --p7-verify --load-certificate "${srcdir}/data/code-signing-cert.pem" <"${OUTFILE}" rc=$? @@ -75,7 +75,7 @@ fi FILE="signing-verify-invalid-purpose" echo "" echo "test: $FILE" -datefudge -s "2015-1-10" \ +datefudge -s "2015-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-purpose 1.3.6.1.5.5.7.3.1 --p7-verify --load-certificate "${srcdir}/data/code-signing-cert.pem" <"${OUTFILE}" rc=$? @@ -87,7 +87,7 @@ fi FILE="signing-verify-invalid-date-1" echo "" echo "test: $FILE" -datefudge -s "2011-1-10" \ +datefudge -s "2011-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-purpose 1.3.6.1.5.5.7.3.3 --p7-verify --load-certificate "${srcdir}/data/code-signing-cert.pem" <"${OUTFILE}" rc=$? @@ -99,7 +99,7 @@ fi FILE="signing-verify-invalid-date-2" echo "" echo "test: $FILE" -datefudge -s "2018-1-10" \ +datefudge -s "2018-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-purpose 1.3.6.1.5.5.7.3.3 --p7-verify --load-certificate "${srcdir}/data/code-signing-cert.pem" <"${OUTFILE}" rc=$? diff --git a/tests/cert-tests/pkcs7.sh b/tests/cert-tests/pkcs7.sh index 6122a31859..65bb45cb8a 100755 --- a/tests/cert-tests/pkcs7.sh +++ b/tests/cert-tests/pkcs7.sh @@ -80,7 +80,7 @@ fi for FILE in full.p7b openssl.p7b openssl-keyid.p7b; do # check validation with date prior to CA issuance -datefudge -s "2011-1-10" \ +datefudge -s "2011-01-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --inder --p7-verify --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" --infile "${srcdir}/data/${FILE}" >"${OUTFILE}" rc=$? @@ -90,7 +90,7 @@ if test "${rc}" = "0"; then fi # check validation with date prior to intermediate cert issuance -datefudge -s "2011-5-28 08:38:00 UTC" \ +env TZ=UTC datefudge -s "2011-05-28 08:38:00" \ ${VALGRIND} "${CERTTOOL}" --inder --p7-verify --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" --infile "${srcdir}/data/${FILE}" >"${OUTFILE}" rc=$? @@ -100,7 +100,7 @@ if test "${rc}" = "0"; then fi # check validation with date after intermediate cert issuance -datefudge -s "2038-10-13" \ +datefudge -s "2038-10-13 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --inder --p7-verify --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" --infile "${srcdir}/data/${FILE}" >"${OUTFILE}" rc=$? diff --git a/tests/cert-tests/rsa-pss-pad.sh b/tests/cert-tests/rsa-pss-pad.sh index 4a1928c664..aa2a900345 100755 --- a/tests/cert-tests/rsa-pss-pad.sh +++ b/tests/cert-tests/rsa-pss-pad.sh @@ -41,7 +41,7 @@ skip_if_no_datefudge # Test PSS signatures on certificate for i in sha256 sha384 sha512;do -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed --key-type rsa-pss \ --load-privkey "${srcdir}/data/privkey1.pem" \ --template "${srcdir}/templates/template-test.tmpl" \ @@ -59,7 +59,7 @@ if test "${rc}" != "0"; then exit ${rc} fi -datefudge -s "2007-04-25" \ +datefudge -s "2007-04-25 00:00:00" \ "${CERTTOOL}" --load-ca-certificate "${TMPFILE}" --verify --infile "${TMPFILE}" >/dev/null 2>&1 rc=$? if test "${rc}" != "0"; then diff --git a/tests/cert-tests/sha3-test.sh b/tests/cert-tests/sha3-test.sh index a3c015555d..5c2eb91d64 100755 --- a/tests/cert-tests/sha3-test.sh +++ b/tests/cert-tests/sha3-test.sh @@ -41,7 +41,7 @@ skip_if_no_datefudge # Test SHA3 signatures for i in sha3-224 sha3-256 sha3-384 sha3-512;do -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-test.tmpl" \ @@ -59,7 +59,7 @@ if test "${rc}" != "0"; then exit ${rc} fi -datefudge -s "2007-04-25" \ +datefudge -s "2007-04-25 00:00:00" \ "${CERTTOOL}" --load-ca-certificate "${TMPFILE}" --verify --infile "${TMPFILE}" >/dev/null 2>&1 rc=$? if test "${rc}" != "0"; then @@ -71,7 +71,7 @@ done # Test SHA3 signatures with ECDSA for i in sha3-224 sha3-256 sha3-384 sha3-512;do -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test-ecc.key" \ --template "${srcdir}/templates/template-test.tmpl" \ @@ -83,7 +83,7 @@ if test "${rc}" != "0"; then exit ${rc} fi -datefudge -s "2007-04-25" \ +datefudge -s "2007-04-25 00:00:00" \ "${CERTTOOL}" --load-ca-certificate "${TMPFILE}" --verify --infile "${TMPFILE}" >/dev/null 2>&1 rc=$? if test "${rc}" != "0"; then diff --git a/tests/cert-tests/smime.sh b/tests/cert-tests/smime.sh index b4fde1351a..ded942bbd1 100755 --- a/tests/cert-tests/smime.sh +++ b/tests/cert-tests/smime.sh @@ -46,7 +46,7 @@ if test "${rc}" != "0"; then fi -datefudge -s "2017-4-6" \ +datefudge -s "2017-04-06 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --p7-verify --load-certificate "${srcdir}/../../doc/credentials/x509/cert-rsa.pem" <"${OUTFILE}" rc=$? diff --git a/tests/cert-tests/template-exts-test.sh b/tests/cert-tests/template-exts-test.sh index da4ccb0622..f4f346ac97 100755 --- a/tests/cert-tests/template-exts-test.sh +++ b/tests/cert-tests/template-exts-test.sh @@ -34,7 +34,7 @@ export TZ="UTC" skip_if_no_datefudge -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/arb-extensions.tmpl" \ @@ -52,7 +52,7 @@ fi rm -f "$OUTFILE" # Test adding critical extensions only -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/crit-extensions.tmpl" \ @@ -69,7 +69,7 @@ fi rm -f "$OUTFILE" -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-request \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/arb-extensions.tmpl" \ diff --git a/tests/cert-tests/template-policy-test.sh b/tests/cert-tests/template-policy-test.sh index c82be96957..d3231affb7 100755 --- a/tests/cert-tests/template-policy-test.sh +++ b/tests/cert-tests/template-policy-test.sh @@ -34,7 +34,7 @@ export TZ="UTC" skip_if_no_datefudge -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/simple-policy.tmpl" \ diff --git a/tests/cert-tests/template-test.sh b/tests/cert-tests/template-test.sh index 0233211287..b8649364f0 100755 --- a/tests/cert-tests/template-test.sh +++ b/tests/cert-tests/template-test.sh @@ -41,7 +41,7 @@ echo "Running test for ${ac_cv_sizeof_time_t}-byte time_t" # time set using datefudge could have changed since the generation # (if example the system was busy) -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-test.tmpl" \ @@ -58,7 +58,7 @@ fi rm -f ${TMPFILE} -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-utf8.tmpl" \ @@ -75,7 +75,7 @@ fi rm -f ${TMPFILE} -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-dn.tmpl" \ @@ -94,7 +94,7 @@ rm -f ${TMPFILE} echo "Running test for certificate generation with --generate-self-signed" -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-certificate \ --load-privkey "${srcdir}/data/template-test.key" \ --load-ca-privkey "${srcdir}/../../doc/credentials/x509/ca-key.pem" \ @@ -113,7 +113,7 @@ fi rm -f ${TMPFILE} -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-dn-err.tmpl" \ @@ -127,7 +127,7 @@ fi rm -f ${TMPFILE} -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-overflow.tmpl" \ @@ -146,7 +146,7 @@ rm -f ${TMPFILE} # The following test works in 64-bit systems -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-overflow2.tmpl" \ @@ -176,7 +176,7 @@ else fi rm -f ${TMPFILE} -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-date.tmpl" \ @@ -193,7 +193,7 @@ fi rm -f ${TMPFILE} -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-dates-after2038.tmpl" \ @@ -223,7 +223,7 @@ rm -f ${TMPFILE} # Test name constraints generation -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-nc.tmpl" \ @@ -244,7 +244,7 @@ rm -f ${TMPFILE} # Test the GeneralizedTime support if test "${ac_cv_sizeof_time_t}" = 8;then # we should test that on systems which have 64-bit time_t. - datefudge -s "2051-04-22" \ + datefudge -s "2051-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-generalized.tmpl" \ @@ -264,7 +264,7 @@ rm -f ${TMPFILE} # Test unique ID field generation -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-unique.tmpl" \ @@ -283,7 +283,7 @@ rm -f ${TMPFILE} # Test generation with very long dns names -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-long-dns.tmpl" \ @@ -302,7 +302,7 @@ rm -f ${TMPFILE} # Test generation with larger serial number -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-long-serial.tmpl" \ diff --git a/tests/cert-tests/tlsfeature-test.sh b/tests/cert-tests/tlsfeature-test.sh index 203563f819..52fd92095c 100755 --- a/tests/cert-tests/tlsfeature-test.sh +++ b/tests/cert-tests/tlsfeature-test.sh @@ -38,7 +38,7 @@ skip_if_no_datefudge # # Test certificate generation # -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-self-signed \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-tlsfeature.tmpl" \ @@ -97,7 +97,7 @@ fi # Test certificate request generation # -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-request \ --load-privkey "${srcdir}/data/template-test.key" \ --template "${srcdir}/templates/template-tlsfeature.tmpl" \ @@ -158,7 +158,7 @@ fi # # Test certificate generation after a request # -datefudge -s "2007-04-22" \ +datefudge -s "2007-04-22 00:00:00" \ "${CERTTOOL}" --generate-certificate \ --load-privkey "${srcdir}/data/template-test.key" \ --load-ca-privkey "${srcdir}/data/template-test.key" \ diff --git a/tests/certtool-pkcs11.sh b/tests/certtool-pkcs11.sh index 26d6963810..299083e90c 100755 --- a/tests/certtool-pkcs11.sh +++ b/tests/certtool-pkcs11.sh @@ -115,7 +115,7 @@ verify_certificate_test() { file=$2 echo -n "* Verifying a certificate... " - datefudge -s "2015-10-10" \ + datefudge -s "2015-10-10 00:00:00" \ $CERTTOOL ${ADDITIONAL_PARAM} --verify --load-ca-certificate "$url" --infile "$file" >>"${TMPFILE}" 2>&1 if test $? = 0; then echo ok diff --git a/tests/ocsp-tests/ocsp-load-chain.sh b/tests/ocsp-tests/ocsp-load-chain.sh index 33cc020fcb..35cd509f4d 100755 --- a/tests/ocsp-tests/ocsp-load-chain.sh +++ b/tests/ocsp-tests/ocsp-load-chain.sh @@ -33,7 +33,7 @@ export TZ="UTC" skip_if_no_datefudge -datefudge -s "2017-06-19" \ +datefudge -s "2017-06-19 00:00:00" \ "${OCSPTOOL}" -e --load-chain "${srcdir}/ocsp-tests/certs/chain-amazon.com.pem" --infile "${srcdir}/ocsp-tests/certs/ocsp-amazon.com.der" --verify-allow-broken rc=$? @@ -43,7 +43,7 @@ if test "${rc}" != "0"; then exit ${rc} fi -datefudge -s "2017-06-19" \ +datefudge -s "2017-06-19 00:00:00" \ "${OCSPTOOL}" -e --load-chain "${srcdir}/ocsp-tests/certs/chain-amazon.com-unsorted.pem" --infile "${srcdir}/ocsp-tests/certs/ocsp-amazon.com.der" --verify-allow-broken rc=$? @@ -54,7 +54,7 @@ if test "${rc}" != "0"; then fi # verify an OCSP response using ECDSA -datefudge -s "2017-06-29" \ +datefudge -s "2017-06-29 00:00:00" \ "${OCSPTOOL}" -d 6 -e --load-chain "${srcdir}/ocsp-tests/certs/chain-akamai.com.pem" --infile "${srcdir}/ocsp-tests/certs/ocsp-akamai.com.der" rc=$? diff --git a/tests/ocsp-tests/ocsp-must-staple-connection.sh b/tests/ocsp-tests/ocsp-must-staple-connection.sh index 880e50bbe5..f6fa6341d7 100755 --- a/tests/ocsp-tests/ocsp-must-staple-connection.sh +++ b/tests/ocsp-tests/ocsp-must-staple-connection.sh @@ -74,9 +74,9 @@ if ! ("$OPENSSL" version) > /dev/null 2>&1; then exit 77 fi -CERTDATE="2016-04-28" -TESTDATE="2016-04-29" -EXP_OCSP_DATE="2016-03-27" +CERTDATE="2016-04-28 00:00:00" +TESTDATE="2016-04-29 00:00:00" +EXP_OCSP_DATE="2016-03-27 00:00:00" OCSP_PID="" TLS_SERVER_PID="" @@ -307,7 +307,7 @@ rm -f "${OCSP_RESPONSE_FILE}" # Generate an OCSP response which expires in 2 days and use it after # a month. gnutls server doesn't send such a staple to clients. ${VALGRIND} ${OCSPTOOL} --generate-request --load-issuer "${srcdir}/ocsp-tests/certs/ocsp-server.pem" --load-cert "${SERVER_CERT_FILE}" --outfile "${OCSP_REQ_FILE}" -datefudge -s ${EXP_OCSP_DATE} \ +datefudge -s "${EXP_OCSP_DATE}" \ ${OPENSSL} ocsp -index "${INDEXFILE}" -rsigner "${srcdir}/ocsp-tests/certs/ocsp-server.pem" -rkey "${srcdir}/ocsp-tests/certs/ocsp-server.key" -CA "${srcdir}/ocsp-tests/certs/ca.pem" -reqin "${OCSP_REQ_FILE}" -respout "${OCSP_RESPONSE_FILE}" -ndays 2 eval "${GETPORT}" @@ -367,7 +367,7 @@ echo "=== Test 6: Server with valid certificate - old staple ===" rm -f "${OCSP_RESPONSE_FILE}" ${VALGRIND} ${OCSPTOOL} --generate-request --load-issuer "${srcdir}/ocsp-tests/certs/ocsp-server.pem" --load-cert "${SERVER_CERT_FILE}" --outfile "${OCSP_REQ_FILE}" -datefudge -s ${EXP_OCSP_DATE} \ +datefudge -s "${EXP_OCSP_DATE}" \ ${OPENSSL} ocsp -index ${INDEXFILE} -rsigner "${srcdir}/ocsp-tests/certs/ocsp-server.pem" -rkey "${srcdir}/ocsp-tests/certs/ocsp-server.key" -CA "${srcdir}/ocsp-tests/certs/ca.pem" -reqin "${OCSP_REQ_FILE}" -respout "${OCSP_RESPONSE_FILE}" eval "${GETPORT}" diff --git a/tests/ocsp-tests/ocsp-signer-verify.sh b/tests/ocsp-tests/ocsp-signer-verify.sh index ce815ceadb..5c40b46e1a 100755 --- a/tests/ocsp-tests/ocsp-signer-verify.sh +++ b/tests/ocsp-tests/ocsp-signer-verify.sh @@ -31,7 +31,7 @@ export TZ="UTC" skip_if_no_datefudge -date="2021-07-14 00:00" +date="2021-07-14 00:00:00" sample_dir="${srcdir}/ocsp-tests/signer-verify" trusted="${sample_dir}/trust.pem" diff --git a/tests/ocsp-tests/ocsp-test.sh b/tests/ocsp-tests/ocsp-test.sh index ba173258d1..32ad12a6a0 100755 --- a/tests/ocsp-tests/ocsp-test.sh +++ b/tests/ocsp-tests/ocsp-test.sh @@ -37,7 +37,7 @@ skip_if_no_datefudge # time set using datefudge could have changed since the generation # (if example the system was busy) -datefudge -s "2016-04-22" \ +datefudge -s "2016-04-22 00:00:00" \ "${OCSPTOOL}" -e --load-signer "${srcdir}/ocsp-tests/certs/ca.pem" --infile "${srcdir}/ocsp-tests/response1.der" rc=$? @@ -47,7 +47,7 @@ if test "${rc}" != "0"; then exit ${rc} fi -datefudge -s "2016-04-22" \ +datefudge -s "2016-04-22 00:00:00" \ "${OCSPTOOL}" -e --load-signer "${srcdir}/ocsp-tests/certs/ocsp-server.pem" --infile "${srcdir}/ocsp-tests/response2.der" rc=$? @@ -57,7 +57,7 @@ if test "${rc}" != "0"; then exit ${rc} fi -datefudge -s "2016-04-22" \ +datefudge -s "2016-04-22 00:00:00" \ "${OCSPTOOL}" -e --load-signer "${srcdir}/ocsp-tests/certs/ca.pem" --infile "${srcdir}/ocsp-tests/response2.der" -d 4 rc=$? diff --git a/tests/ocsp-tests/ocsp-tls-connection.sh b/tests/ocsp-tests/ocsp-tls-connection.sh index 172c8431b2..6a04964802 100755 --- a/tests/ocsp-tests/ocsp-tls-connection.sh +++ b/tests/ocsp-tests/ocsp-tls-connection.sh @@ -74,8 +74,8 @@ if ! ("$OPENSSL" version) > /dev/null 2>&1; then exit 77 fi -CERTDATE="2016-04-28" -TESTDATE="2016-04-29" +CERTDATE="2016-04-28 00:00:00" +TESTDATE="2016-04-29 00:00:00" OCSP_PID="" TLS_SERVER_PID="" diff --git a/tests/pkcs7-cat.sh b/tests/pkcs7-cat.sh index 22dc5fdb5c..25ed8bd255 100755 --- a/tests/pkcs7-cat.sh +++ b/tests/pkcs7-cat.sh @@ -36,7 +36,7 @@ fi skip_if_no_datefudge #try verification -datefudge -s "2010-10-10" \ +datefudge -s "2010-10-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-allow-broken --inder --p7-verify --infile "${srcdir}/data/test1.cat" --load-certificate "${srcdir}/data/pkcs7-cat-ca.pem" rc=$? @@ -45,7 +45,7 @@ if test "${rc}" = "0"; then exit 1 fi -datefudge -s "2016-10-10" \ +datefudge -s "2016-10-10 00:00:00" \ ${VALGRIND} "${CERTTOOL}" --verify-allow-broken --inder --p7-verify --infile "${srcdir}/data/test1.cat" --load-certificate "${srcdir}/data/pkcs7-cat-ca.pem" rc=$? diff --git a/tests/rsa-md5-collision/rsa-md5-collision.sh b/tests/rsa-md5-collision/rsa-md5-collision.sh index 8e7cdc1cf0..0e31107a9f 100755 --- a/tests/rsa-md5-collision/rsa-md5-collision.sh +++ b/tests/rsa-md5-collision/rsa-md5-collision.sh @@ -36,7 +36,7 @@ skip_if_no_datefudge ASAN_OPTIONS="detect_leaks=0" export ASAN_OPTIONS -datefudge -s "2006-10-1" \ +datefudge -s "2006-10-01 00:00:00" \ "${CERTTOOL}" --verify-chain --outfile "$TMPFILE1" --infile "${srcdir}/rsa-md5-collision/colliding-chain-md5-1.pem" if test $? = 0;then echo "Verification on chain1 succeeded" @@ -50,7 +50,7 @@ if test $? != 0;then fi -datefudge -s "2006-10-1" \ +datefudge -s "2006-10-01 00:00:00" \ "${CERTTOOL}" --verify-chain --outfile "$TMPFILE2" --infile "${srcdir}/rsa-md5-collision/colliding-chain-md5-2.pem" if test $? = 0;then echo "Verification on chain2 succeeded" diff --git a/tests/testpkcs11.sh b/tests/testpkcs11.sh index 59177281d8..5d671322d5 100755 --- a/tests/testpkcs11.sh +++ b/tests/testpkcs11.sh @@ -66,7 +66,7 @@ have_ed25519=0 P11TOOL="${VALGRIND} ${P11TOOL} --batch" SERV="${SERV} -q" -TESTDATE=2020-12-01 +TESTDATE="2020-12-01 00:00:00" . ${srcdir}/scripts/common.sh |