Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(37)

Delta Between Two Patch Sets: src/pkg/crypto/x509/root_darwin_test.go

Issue 22020045: code review 22020045: crypto/x509: add non-cgo darwin system anchor certs (Closed)
Left Patch Set: diff -r 0685a9549d5a https://code.google.com/p/go Created 10 years, 4 months ago
Right Patch Set: diff -r c0c2d0b05a77 https://code.google.com/p/go Created 10 years, 3 months ago
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
Right: Side by side diff | Download
LEFTRIGHT
(no file at all)
1 package x509
2
3 import "testing"
4
5 func TestSystemRoots(t *testing.T) {
6 sysRoots := systemRootsPool() // actual system roots
7 execRoots, err := execSecurityRoots() // non-cgo roots
8
9 if err != nil {
10 t.Fatalf("failed to read system roots: %v", err)
11 }
12
13 for _, tt := range []*CertPool{sysRoots, execRoots} {
14 if tt == nil {
15 t.Fatal("no system roots")
16 }
17 // On Mavericks, there are 212 bundled certs; require only
18 // 150 here, since this is just a sanity check, and the
19 // exact number will vary over time.
20 if want, have := 150, len(tt.certs); have < want {
21 t.Fatalf("want at least %d system roots, have %d", want, have)
22 }
23 }
24
25 // Check that the two cert pools are roughly the same;
26 // |A∩B| > max(|A|, |B|) / 2 should be a reasonably robust check.
27
28 isect := make(map[string]bool, len(sysRoots.certs))
29 for _, c := range sysRoots.certs {
30 isect[string(c.Raw)] = true
31 }
32
33 have := 0
34 for _, c := range execRoots.certs {
35 if isect[string(c.Raw)] {
36 have++
37 }
38 }
39
40 var want int
41 if nsys, nexec := len(sysRoots.certs), len(execRoots.certs); nsys > nexe c {
42 want = nsys / 2
43 } else {
44 want = nexec / 2
45 }
46
47 if have < want {
48 t.Errorf("insufficent overlap between cgo and non-cgo roots; wan t at least %d, have %d", want, have)
49 }
50 }
LEFTRIGHT

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b