[test] use fixed time so tests pass in few months

kares · kares · commit 28d510698b1f · 2021-10-20T17:19:15.000+02:00
diff --git a/src/test/ruby/ssl/test_ssl.rb b/src/test/ruby/ssl/test_ssl.rb
@@ -373,6 +373,9 @@ def test_set_custom_params
 -----END CERTIFICATE-----
   EOF
 
+  require 'time'
+  VERIFY_EXPIRED_TIME = Time.parse("2021/10/20 09:10:00")
+
   def test_cert_verify_expired1_lets_encrypt_cross_signed_root
     # reproducer for https://github.com/jruby/jruby-openssl/issues/236
     #
@@ -391,6 +394,7 @@ def test_cert_verify_expired1_lets_encrypt_cross_signed_root
     ]
 
     cert_store = OpenSSL::X509::Store.new
+    cert_store.time = VERIFY_EXPIRED_TIME
     root_bundle.each { |cert| cert_store.add_cert cert }
 
     # the endpoint will send the leaf node + these two intermediate certs
@@ -448,6 +452,7 @@ def test_cert_verify_expired2_lets_encrypt_cross_signed_intermediate
     ]
 
     cert_store = OpenSSL::X509::Store.new
+    cert_store.time = VERIFY_EXPIRED_TIME
     root_bundle.each { |cert| cert_store.add_cert cert }
 
     # cross-signed cert is sent from the server :
@@ -483,6 +488,7 @@ def test_cert_verify_expired0_lets_encrypt # base_line
     ]
 
     cert_store = OpenSSL::X509::Store.new
+    cert_store.time = VERIFY_EXPIRED_TIME
     root_bundle.each { |cert| cert_store.add_cert cert }
 
     chain = [
@@ -500,6 +506,16 @@ def test_cert_verify_expired0_lets_encrypt # base_line
                   "/C=US/O=Let's Encrypt/CN=R3",
                   "/C=US/O=Internet Security Research Group/CN=ISRG Root X1"],
                  cert_store.chain.map { |cert| cert.subject.to_s }
+
+    cert_store = OpenSSL::X509::Store.new
+    cert_store.time = VERIFY_EXPIRED_TIME
+    cert_store.add_cert root_bundle[1] # only the expired one
+
+    ok = cert_store.verify(LEAF_CERTIFICATE, chain)
+
+    assert !ok
+    assert_equal 'unable to get issuer certificate', cert_store.error_string
+  end
   end
 
   end
