From: Simon Josefsson Date: Sun, 10 May 2009 09:07:17 +0000 (+0200) Subject: Verisign CA v1 cert has expired! Change expected results. X-Git-Tag: gnutls_2_7_9~18 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b46bb5678b5a6e82da798f62aac06026e75ba418;p=thirdparty%2Fgnutls.git Verisign CA v1 cert has expired! Change expected results. Also test expiration code more. --- diff --git a/tests/chainverify.c b/tests/chainverify.c index 7b0ba9f730..1595b5e84b 100644 --- a/tests/chainverify.c +++ b/tests/chainverify.c @@ -671,10 +671,16 @@ static struct 0, GNUTLS_CERT_SIGNER_NOT_FOUND | GNUTLS_CERT_INVALID }, { "verisign.com v1 fail", verisign_com_chain, &verisign_com_chain[3], 0, GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID }, + { "verisign.com v1 fail2", verisign_com_chain, &verisign_com_chain[3], + GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, + GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID }, { "verisign.com v1 ok", verisign_com_chain, &verisign_com_chain[3], - GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, 0 }, + GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, + 0 }, { "citibank.com v1 fail", citibank_com_chain, &citibank_com_chain[2], 0, GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID }, + { "expired self signed", pem_self_cert, &pem_self_cert[0], + 0, GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID }, { "self signed", pem_self_cert, &pem_self_cert[0], GNUTLS_VERIFY_DISABLE_TIME_CHECKS, 0 }, { "ca=false", thea_chain, &thea_chain[1],