Skip to content

Commit

Permalink
moved (and adjusted to handle 9K besides 1.7) X509 store add .pem tes…
Browse files Browse the repository at this point in the history 
…t from JRuby
@kares
kares committed Jan 7, 2016
1 parent 2ea071d commit b25de83
Showing 1 changed file with 22 additions and 1 deletion.
23 changes: 22 additions & 1 deletion src/test/ruby/x509/test_x509store.rb
View file
Original file line number Diff line number Diff line change
@@ -92,7 +92,7 @@ def test_add_cert_concurrently
assert true
end

define_method 'test_add_same_cert_twice jruby/jruby-openssl/issues/3' do
define_method 'test_add_same_cert_twice jruby/jruby-openssl#3' do
root_key = OpenSSL::PKey::RSA.new 2048 # the CA's public/private key
root_ca = OpenSSL::X509::Certificate.new
root_ca.version = 2 # cf. RFC 5280 - to make it a "v3" certificate
@@ -121,4 +121,25 @@ def test_add_cert_concurrently
end
end

def test_adding_pem_to_store
debug = false
#OpenSSL.debug = true
# mimic what rubygems/request#add_rubygems_trusted_certs does to find the .pem certificates
# 1.7: jruby-complete-1.7.22.jar!/META-INF/jruby.home/lib/ruby/shared
# 9.0: /opt/local/rvm/rubies/jruby-9.0.4.0/lib/ruby/stdlib
base = $LOAD_PATH.detect { |p| p =~ /ruby\/shared/ || p =~ /ruby\/stdlib/ }
raise "rubygems home not detected in $LOAD_PATH" unless base
pems = Dir[ File.join(base, 'rubygems/ssl_certs/*pem') ]
# assert_equal( 9, pems.size ) # >= 11 on 9K
pems.each do |pem|
puts pem.inspect if debug
store = OpenSSL::X509::Store.new
cert = OpenSSL::X509::Certificate.new(File.read(pem))
assert ! store.verify(cert)
store.add_file(pem)
# only verify on self signed certifactes
assert store.verify(cert) if pem !~ /COMODORSA|AddTrustExternalCARoot/
end
end

end

0 comments on commit b25de83

Please sign in to comment.