tofu.test fails in a few months
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	dkg
	Jun 22 2016, 9:26 AM

Description

the keys in tests/openpgp/tofu-keys.asc all expire on 2016-09-17, less than
three months away.

This means that tofu.test will fail with:

   Wrong default trust.  Got: `e', expected `m'

in about 90 days.

We're already seeing this problem in debian's reproducible builds, where one
build is done with a clock that is advanced 398 days from the present.

For example:

https://tests.reproducible-builds.org/debian/logs/experimental/amd64/gnupg2_2.1.13-2.build2.log.gz

(you can see that clock variations are the likely culprit:

    https://tests.reproducible-builds.org/debian/index_variations.html )

I'm not sure the right way to deal with test keys like this so that the test
suite itself doesn't gratuitously fail just because the wall clock advances.
Maybe 10-year expirations would be sufficient, with a warning (not a failure)
that shows up in the test suite when the keys have less than 2 years left?

Related Objects

Mentioned Here: rGe584d6468a2e: tests/openpgp: Fake the system time for the tofu test.

Event Timeline

dkg added projects: gnupg, Bug Report.Jun 22 2016, 9:26 AM

dkg added subscribers: dkg, neal.

For the few gpgsm tests we have, the --faked-system-time option is used. We
should use this here too.

• werner assigned this task to justus.Jun 22 2016, 11:32 AM

Fixed in e584d646. Includes a fix for the old test for those who need to
backport it.

tofu.test fails in a few monthsClosed, ResolvedPublicActions

Description

Related Objects

Event Timeline

tofu.test fails in a few months
Closed, ResolvedPublic
Actions