From 79764a5624acee85bcd03cd315c3d834a9a25a02 Mon Sep 17 00:00:00 2001
From: kali <kali@leap.se>
Date: Wed, 12 Sep 2012 10:00:29 +0900
Subject: time boundary check of certificate using gnutls

---
 src/leap/eip/tests/test_checks.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'src/leap/eip/tests/test_checks.py')

diff --git a/src/leap/eip/tests/test_checks.py b/src/leap/eip/tests/test_checks.py
index bc7db79c..952b10d2 100644
--- a/src/leap/eip/tests/test_checks.py
+++ b/src/leap/eip/tests/test_checks.py
@@ -6,6 +6,7 @@ try:
 except ImportError:
     import unittest
 import os
+import time
 import urlparse
 
 from StringIO import StringIO
@@ -372,10 +373,22 @@ class ProviderCertCheckerHTTPSTests(BaseHTTPSServerTestCase, BaseLeapTest):
     def test_is_cert_valid(self):
         checker = eipchecks.ProviderCertChecker()
         # TODO: better exception catching
+        # should raise eipexceptions.BadClientCertificate, and give reasons
+        # on msg.
         with self.assertRaises(Exception) as exc:
             self.assertFalse(checker.is_cert_valid())
             exc.message = "missing cert"
 
+    def test_bad_validity_certs(self):
+        checker = eipchecks.ProviderCertChecker()
+        certfile = where_cert('leaptestscert.pem')
+        self.assertFalse(checker.is_cert_not_expired(
+            certfile=certfile,
+            now=lambda: time.mktime((2038, 1, 1, 1, 1, 1, 1, 1, 1))))
+        self.assertFalse(checker.is_cert_not_expired(
+            certfile=certfile,
+            now=lambda: time.mktime((1970, 1, 1, 1, 1, 1, 1, 1, 1))))
+
     def test_check_new_cert_needed(self):
         # check: missing cert
         checker = eipchecks.ProviderCertChecker()
-- 
cgit v1.2.3