diff options
| author | Magnus Henoch <[email protected]> | 2016-05-19 11:56:47 +0100 |
|---|---|---|
| committer | Magnus Henoch <[email protected]> | 2016-05-19 11:56:47 +0100 |
| commit | c3e06e575b06f25601fdc60f4142a0d6b9e6eb7a (patch) | |
| tree | 04ac1ee2d6bc8340a1d9ef392e27f29221d9de3f /lib/ssl/test/make_certs.erl | |
| parent | b219dbd698c74cf3c904445d13bb3453be6e1ac8 (diff) | |
| download | otp-c3e06e575b06f25601fdc60f4142a0d6b9e6eb7a.tar.gz otp-c3e06e575b06f25601fdc60f4142a0d6b9e6eb7a.tar.bz2 otp-c3e06e575b06f25601fdc60f4142a0d6b9e6eb7a.zip | |
Skip crl_hash_dir_expired test for LibreSSL
LibreSSL doesn't like it when we pass a negative number for the
-crlhours argument. I'm not sure if there is another way to make it
generate a CRL with expiry date in the past, so let's skip that test
in this case.
Diffstat (limited to 'lib/ssl/test/make_certs.erl')
| -rw-r--r-- | lib/ssl/test/make_certs.erl | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/lib/ssl/test/make_certs.erl b/lib/ssl/test/make_certs.erl index ed1a6523ed..009bcd81ad 100644 --- a/lib/ssl/test/make_certs.erl +++ b/lib/ssl/test/make_certs.erl @@ -186,6 +186,15 @@ gencrl(Root, CA, C, CrlHours) -> Env = [{"ROOTDIR", filename:absname(Root)}], cmd(Cmd, Env). +can_generate_expired_crls(C) -> + %% OpenSSL can generate CRLs with an expiration date in the past, + %% if we pass a negative number for -crlhours. However, LibreSSL + %% rejects this with the error "invalid argument -24: too small". + %% Let's check which one we have. + Cmd = [C#config.openssl_cmd, " ca -crlhours -24"], + Output = os:cmd(Cmd), + 0 =:= string:str(Output, "too small"). + verify(Root, CA, User, C) -> CAFile = filename:join([Root, User, "cacerts.pem"]), CACRLFile = filename:join([Root, CA, "crl.pem"]), |