Update web-platform-tests to revision 7a767a52741f628430ffbbed46e7f3df68ba3534

Fixes #15648.
2025-08-03 20:50:07 +01:00 · 2017-02-20 11:44:42 +01:00 · 2017-02-20 11:44:42 +01:00 · 4fadf9b0b6
commit 4fadf9b0b6
parent a1e4c547f0
1184 changed files with 22551 additions and 9856 deletions
--- a/tests/wpt/web-platform-tests/tools/sslutils/openssl.py
+++ b/tests/wpt/web-platform-tests/tools/sslutils/openssl.py
@ -4,7 +4,12 @@ import random
 import shutil
 import subprocess
 import tempfile
-from datetime import datetime
+from datetime import datetime, timedelta
+
+# Amount of time beyond the present to consider certificates "expired." This
+# allows certificates to be proactively re-generated in the "buffer" period
+# prior to their exact expiration time.
+CERT_EXPIRY_BUFFER = dict(hours=6)

 class OpenSSL(object):
    def __init__(self, logger, binary, base_path, conf_path, hosts, duration,
@ -305,8 +310,11 @@ class OpenSSLEnvironment(object):
                                   "-in", cert_path).split("=", 1)[1].strip()
            # Not sure if this works in other locales
            end_date = datetime.strptime(end_date_str, "%b %d %H:%M:%S %Y %Z")
-            # Should have some buffer here e.g. 1 hr
-            if end_date < datetime.now():
+            time_buffer = timedelta(**CERT_EXPIRY_BUFFER)
+            # Because `strptime` does not account for time zone offsets, it is
+            # always in terms of UTC, so the current time should be calculated
+            # accordingly.
+            if end_date < datetime.utcnow() + time_buffer:
                return False

        #TODO: check the key actually signed the cert.