@@ -8,7 +8,8 @@ RUBY_VERSION = $(RUBY_MAJOR_VERSION).3 | |||
RUBY_NAME = ruby-$(RUBY_VERSION) | |||
RUBY_DIR = build/$(RUBY_NAME) | |||
RUBY_OPENSSL_EXT_DIR = $(RUBY_DIR)/ext/openssl | |||
RUBY_LIB_DIR = $(RBENV_ROOT)/versions/$(RUBY_VERSION)-cryptcheck/lib/ruby/$(RUBY_MAJOR_VERSION).0 | |||
RBENV_DIR = $(RBENV_ROOT)/versions/$(RUBY_VERSION)-cryptcheck | |||
RUBY_LIB_DIR = $(RBENV_DIR)/lib/ruby/$(RUBY_MAJOR_VERSION).0 | |||
RBENV_ROOT ?= ~/.rbenv | |||
export LIBRARY_PATH = $(PWD)/lib | |||
export C_INCLUDE_PATH = $(PWD)/$(OPENSSL_DIR)/include | |||
@@ -101,7 +102,7 @@ lib/openssl.so: $(RUBY_OPENSSL_EXT_DIR)/openssl.so | |||
ext: lib/openssl.so | |||
spec/faketime/libfaketime.so: spec/faketime/faketime.c spec/faketime/faketime.h | |||
$(CC) -shared -fPIC $^ -o $@ -ldl -std=c99 -Werror -Wall | |||
$(CC) $^ -o $@ -shared -fPIC -ldl -std=c99 -Werror -Wall | |||
lib/libfaketime.so: spec/faketime/libfaketime.so | |||
ln -fs ../$< $@ | |||
faketime: lib/libfaketime.so |
@@ -7,7 +7,7 @@ describe CryptCheck::Tls::Cert do | |||
describe '::trusted?' do | |||
it 'must accept valid certificate' do | |||
FakeTime.freeze_during Time.utc(2000, 1, 1) do | |||
FakeTime.freeze Time.utc(2000, 1, 1) do | |||
cert, *chain, ca = load_chain %w(ecdsa-prime256v1 intermediate ca) | |||
trust = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca | |||
expect(trust).to eq :trusted | |||
@@ -34,7 +34,7 @@ describe CryptCheck::Tls::Cert do | |||
end | |||
it 'must reject expired certificate' do | |||
FakeTime.freeze_during Time.utc(2002, 1, 1) do | |||
FakeTime.freeze Time.utc(2002, 1, 1) do | |||
cert, *chain, ca = load_chain %w(ecdsa-prime256v1 intermediate ca) | |||
trust = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca | |||
expect(trust).to eq 'certificate has expired' | |||
@@ -42,7 +42,7 @@ describe CryptCheck::Tls::Cert do | |||
end | |||
it 'must reject not yet valid certificate' do | |||
FakeTime.freeze_during Time.utc(1999, 1, 1) do | |||
FakeTime.freeze Time.utc(1999, 1, 1) do | |||
cert, *chain, ca = load_chain %w(ecdsa-prime256v1 intermediate ca) | |||
trust = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca | |||
expect(trust).to eq 'certificate is not yet valid' |
@@ -2,7 +2,7 @@ require 'faketime' | |||
describe CryptCheck::Tls::Server do | |||
before :all do | |||
FakeTime.freeze Time.utc(2000, 1, 1).to_i | |||
FakeTime.freeze Time.utc(2000, 1, 1) | |||
end | |||
after :all do |
@@ -4,22 +4,24 @@ module FakeTime | |||
extend FFI::Library | |||
ffi_lib 'faketime' | |||
def self.freeze(_) | |||
def self._freeze(_) | |||
#This is a stub, used for indexing | |||
end | |||
def self.unfreeze | |||
#This is a stub, used for indexing | |||
end | |||
attach_function :freeze, [:ulong], :void | |||
attach_function :_freeze, [:ulong], :void | |||
attach_function :unfreeze, [], :void | |||
def self.freeze_during(time, &block) | |||
self.freeze time.to_i | |||
begin | |||
return block.call | |||
ensure | |||
self.unfreeze | |||
def self.freeze(time) | |||
self._freeze time.to_i | |||
if block_given? | |||
begin | |||
return yield | |||
ensure | |||
self.unfreeze | |||
end | |||
end | |||
end | |||
end |
@@ -9,7 +9,7 @@ time_t frozen_time = 0; | |||
typedef time_t (*orig_time_f_type)(time_t*); | |||
orig_time_f_type orig_time = NULL; | |||
void freeze(unsigned long time) { | |||
void _freeze(unsigned long time) { | |||
frozen_time = (time_t)time; | |||
frozen = 1; | |||
} |
@@ -1,2 +1,2 @@ | |||
void freeze(unsigned long time); | |||
void _freeze(unsigned long time); | |||
void unfreeze(); |