Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=
1078640
Forwarded: not-needed
Last-Update: 2025-07-15
Adapt the test certificates generation process to Debian. For that, we extend
the validity of the certificates to 11 years to try to cover the Debian support
(and hopefully the LTS/eLTS) window as long as a build is performed 1 year
before a release. We also require certificate_authority from the installed
package so we can generate this certificates without external packages.
Last-Update: 2025-07-15
Gbp-Pq: Name 0019-adapt-test-certs-generation.patch
=end
require 'bundler/inline'
-gemfile(true) do
- source 'https://rubygems.org'
- gem 'certificate_authority'
-end
+require 'certificate_authority'
module GenerateChainCerts
{
not_before: Time.new(yr, mo, 1, 0, 0, 0, zone),
- not_after: Time.new(yr+4, mo, 1, 0, 0, 0, zone)
+ not_after: Time.new(yr+11, mo, 1, 0, 0, 0, zone)
}
)
end
cert.subject.common_name = common_name
cert.serial_number.number = parent.serial_number.number + 100
cert.parent = parent
+ cert.not_before = before_after[:not_before]
+ cert.not_after = before_after[:not_after]
cert.key_material.generate_key
cert.sign!
zone = '+00:00'
@before = Time.new yr , mo, 1, 0, 0, 0, zone
- @after = Time.new yr+4, mo, 1, 0, 0, 0, zone
+ @after = Time.new yr+11, mo, 1, 0, 0, 0, zone
@b_exp = Time.new yr-1, mo, 1, 0, 0, 0, zone
@a_exp = Time.new yr , mo, 1, 0, 0, 0, zone
zone = '+00:00'
cert.not_before = Time.new yr , mo, 1, 0, 0, 0, zone
- cert.not_after = Time.new yr+4, mo, 1, 0, 0, 0, zone
+ cert.not_after = Time.new yr+11, mo, 1, 0, 0, 0, zone
cert.public_key = key.public_key
cert.sign ca_key, SIGN_ALGORITHM.new
puts "New:", cert.to_text, ""
projects / puma.git / commitdiff