[New-bugs-announce] [issue18207] OpenSSL may ignore seconds in notAfter
Christian Heimes
report at bugs.python.org
Fri Jun 14 01:58:14 CEST 2013
New submission from Christian Heimes:
I'm doing some testing with old versions of OpenSSL. Some versions like 0.9.8i from 15 Sep 2008 ignore seconds in notAfter field:
./python -m test test_ssl test_hashlib
[1/2] test_ssl
test test_ssl failed -- Traceback (most recent call last):
File "/home/heimes/dev/python/cpython/Lib/test/test_ssl.py", line 145, in test_parse_cert
self.assertEqual(p['notAfter'], 'Oct 5 23:01:56 2020 GMT')
AssertionError: 'Oct 5 23:01:00 2020 GMT' != 'Oct 5 23:01:56 2020 GMT'
- Oct 5 23:01:00 2020 GMT
? ^^
+ Oct 5 23:01:56 2020 GMT
It's actually an issue in OpenSSL. I'm getting the same result with the openssl binary:
$ ../openssl/0.9.8i/bin/openssl x509 -text -in Lib/test/https_svn_python_org_root.pem | grep GMT
Not Before: Mar 30 12:29:00 2003 GMT
Not After : Mar 29 12:29:00 2033 GMT
$ ../openssl/0.9.8y/bin/openssl x509 -text -in Lib/test/https_svn_python_org_root.pem | grep GMT
Not Before: Mar 30 12:29:49 2003 GMT
Not After : Mar 29 12:29:49 2033 GMT
I'd like to modify the test for a well-defined set of errnous OpenSSL versions.
----------
components: Extension Modules
messages: 191099
nosy: christian.heimes, pitrou
priority: normal
severity: normal
status: open
title: OpenSSL may ignore seconds in notAfter
versions: Python 3.4
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue18207>
_______________________________________
More information about the New-bugs-announce
mailing list