tests: allow running specific chainverify tests on fixed dates

1 files changed, 11 insertions, 10 deletions

diff --git a/tests/test-chains.h b/tests/test-chains.h
index fd6c565152..f6dc816864 100644
--- a/tests/test-chains.h
+++ b/tests/test-chains.h
@@ -1738,11 +1738,12 @@ static struct
   unsigned int verify_flags;
   unsigned int expected_verify_result;
   const char *purpose;
+  time_t expected_time;
 } chains[] =
 {
   { "CVE-2014-0092", cve_2014_0092_check, &cve_2014_0092_check[1],
     0,
-    GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_NOT_ACTIVATED | GNUTLS_CERT_INVALID, NULL},
+    GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID, NULL, 1412850586},
   { "CVE-2008-4989", cve_2008_4989_chain, &cve_2008_4989_chain[2],
     0,
     GNUTLS_CERT_SIGNER_NOT_FOUND | GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID, NULL},
@@ -1836,15 +1837,15 @@ static struct
   	GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL},
   { "ecc cert not ok (due to profile)", ecc_cert, &ecc_cert[1], GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_SUITEB192), 
   	GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL},
-  { "name constraints chain ok1", nc_good1, &nc_good1[4], GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, NULL},
-  { "name constraints chain bad1", nc_bad1, &nc_bad1[2], GNUTLS_VERIFY_DISABLE_TIME_CHECKS, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL},
-  { "name constraints chain bad2", nc_bad2, &nc_bad2[4], GNUTLS_VERIFY_DISABLE_TIME_CHECKS, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL},
-  { "name constraints chain bad3", nc_bad3, &nc_bad3[2], GNUTLS_VERIFY_DISABLE_TIME_CHECKS, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL},
-  { "modified", modified1, &modified1[3], GNUTLS_VERIFY_DISABLE_TIME_CHECKS, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNATURE_FAILURE, NULL},
-  { "not-modified", modified2, &modified2[3], GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, NULL},
-  { "kp-interm", kp_fail1, &kp_fail1[3], GNUTLS_VERIFY_KEY_PURPOSE_ON_INTERMEDIATE|GNUTLS_VERIFY_DISABLE_TIME_CHECKS, GNUTLS_CERT_INVALID | GNUTLS_CERT_PURPOSE_MISMATCH, GNUTLS_KP_TLS_WWW_SERVER},
-  { "kp-fin", kp_fail2, &kp_fail2[3], GNUTLS_VERIFY_KEY_PURPOSE_ON_INTERMEDIATE|GNUTLS_VERIFY_DISABLE_TIME_CHECKS, GNUTLS_CERT_INVALID | GNUTLS_CERT_PURPOSE_MISMATCH, GNUTLS_KP_TLS_WWW_SERVER},
-  { "kp-ok", kp_ok, &kp_ok[3], GNUTLS_VERIFY_KEY_PURPOSE_ON_INTERMEDIATE|GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0, GNUTLS_KP_OCSP_SIGNING},
+  { "name constraints chain ok1", nc_good1, &nc_good1[4], 0, 0, NULL, 1412850586},
+  { "name constraints chain bad1", nc_bad1, &nc_bad1[2], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, 1412850586},
+  { "name constraints chain bad2", nc_bad2, &nc_bad2[4], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, 1412850586},
+  { "name constraints chain bad3", nc_bad3, &nc_bad3[2], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, NULL, 1412850586},
+  { "modified", modified1, &modified1[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNATURE_FAILURE, NULL, 1412850586},
+  { "not-modified", modified2, &modified2[3], 0, 0, NULL, 1412850586},
+  { "kp-interm", kp_fail1, &kp_fail1[3], GNUTLS_VERIFY_KEY_PURPOSE_ON_INTERMEDIATE, GNUTLS_CERT_INVALID | GNUTLS_CERT_PURPOSE_MISMATCH, GNUTLS_KP_TLS_WWW_SERVER, 1412850586},
+  { "kp-fin", kp_fail2, &kp_fail2[3], GNUTLS_VERIFY_KEY_PURPOSE_ON_INTERMEDIATE, GNUTLS_CERT_INVALID | GNUTLS_CERT_PURPOSE_MISMATCH, GNUTLS_KP_TLS_WWW_SERVER, 1412850586},
+  { "kp-ok", kp_ok, &kp_ok[3], GNUTLS_VERIFY_KEY_PURPOSE_ON_INTERMEDIATE, 0, GNUTLS_KP_OCSP_SIGNING, 1412850586},
   { NULL, NULL, NULL, 0, 0}
 };
 /* *INDENT-ON* */