From 6ba7e51377f4d661ac1a0d5f17c33c9382303cbc Mon Sep 17 00:00:00 2001
From: Athos Ribeiro <athos@debian.org>
Date: Thu, 17 Jul 2025 06:35:51 -0300
Subject: [PATCH] Adapt test certificates generation

Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078640
Forwarded: not-needed
Last-Update: 2025-07-15

Adapt the test certificates generation process to Debian. For that, we extend
the validity of the certificates to 11 years to try to cover the Debian support
(and hopefully the LTS/eLTS) window as long as a build is performed 1 year
before a release. We also require certificate_authority from the installed
package so we can generate this certificates without external packages.
Last-Update: 2025-07-15

Gbp-Pq: Name 0019-adapt-test-certs-generation.patch
---
 examples/generate_chain_test.rb  | 9 ++++-----
 examples/generate_client_test.rb | 2 +-
 examples/generate_server_test.rb | 2 +-
 3 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/examples/generate_chain_test.rb b/examples/generate_chain_test.rb
index 2676760..8190f2d 100644
--- a/examples/generate_chain_test.rb
+++ b/examples/generate_chain_test.rb
@@ -11,10 +11,7 @@ certs before date will be the first of the current month
 =end
 
 require 'bundler/inline'
-gemfile(true) do
-  source 'https://rubygems.org'
-  gem 'certificate_authority'
-end
+require 'certificate_authority'
 
 module GenerateChainCerts
 
@@ -39,7 +36,7 @@ module GenerateChainCerts
 
         {
           not_before: Time.new(yr, mo, 1, 0, 0, 0, zone),
-          not_after:  Time.new(yr+4, mo, 1, 0, 0, 0, zone)
+          not_after:  Time.new(yr+11, mo, 1, 0, 0, 0, zone)
         }
       )
     end
@@ -83,6 +80,8 @@ module GenerateChainCerts
       cert.subject.common_name  = common_name
       cert.serial_number.number = parent.serial_number.number + 100
       cert.parent               = parent
+      cert.not_before          = before_after[:not_before]
+      cert.not_after           = before_after[:not_after]
 
       cert.key_material.generate_key
       cert.sign!
diff --git a/examples/generate_client_test.rb b/examples/generate_client_test.rb
index f875916..8d76020 100644
--- a/examples/generate_client_test.rb
+++ b/examples/generate_client_test.rb
@@ -107,7 +107,7 @@ module GenerateClientCerts
       zone = '+00:00'
 
       @before = Time.new yr  , mo, 1, 0, 0, 0, zone
-      @after  = Time.new yr+4, mo, 1, 0, 0, 0, zone
+      @after  = Time.new yr+11, mo, 1, 0, 0, 0, zone
 
       @b_exp  = Time.new yr-1, mo, 1, 0, 0, 0, zone
       @a_exp  = Time.new yr  , mo, 1, 0, 0, 0, zone
diff --git a/examples/generate_server_test.rb b/examples/generate_server_test.rb
index cf9364a..364a67b 100644
--- a/examples/generate_server_test.rb
+++ b/examples/generate_server_test.rb
@@ -33,7 +33,7 @@ module GenerateServerCerts
       zone = '+00:00'
 
       cert.not_before = Time.new yr  , mo, 1, 0, 0, 0, zone
-      cert.not_after  = Time.new yr+4, mo, 1, 0, 0, 0, zone
+      cert.not_after  = Time.new yr+11, mo, 1, 0, 0, 0, zone
       cert.public_key = key.public_key
       cert.sign ca_key, SIGN_ALGORITHM.new
       puts "New:", cert.to_text, ""
-- 
2.30.2