Extend test cert to 2049

[bmwiedemann]

This change makes tests pass in 2035 (also tested on i586)
Background:
As part of my work on reproducible builds for openSUSE, I check that software still gives identical build results in the future.
The usual offset is +15 years, because that is how long I expect some software will be used in some places.
This showed up failing tests in our package build.

See https://reproducible-builds.org/ for why this matters.

[codecov-commenter]

Codecov Report

Merging #643 into master will decrease coverage by 0%.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #643   +/-   ##
======================================
- Coverage      44%     44%   -1%     
======================================
  Files          87      87           
  Lines       11813   11813           
  Branches     1773    1773           
======================================
- Hits         5269    5268    -1     
- Misses       6150    6151    +1     
  Partials      394     394           

Flag	Coverage Δ
#ipv6	16% <ø> (ø)
#py27epolls	?
#py27poll	56% <ø> (-1%)	⬇️
#py27selects	55% <ø> (ø)
#py35epolls	49% <ø> (-1%)	⬇️
#py35poll	49% <ø> (ø)
#py35selects	49% <ø> (-1%)	⬇️
#py36epolls	49% <ø> (ø)
#py36poll	49% <ø> (ø)
#py36selects	49% <ø> (ø)
#py37epolls	?
#py37poll	49% <ø> (-1%)	⬇️
#py37selects	49% <ø> (-1%)	⬇️
#py38epolls	?
#py38poll	41% <ø> (-1%)	⬇️
#py38selects	40% <ø> (-1%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
eventlet/green/ssl.py	48% <0%> (-1%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 44bfc1e...84e6539. Read the comment docs.

[codecov-commenter]

Codecov Report

Merging #643 into master will decrease coverage by 0%.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #643   +/-   ##
======================================
- Coverage      44%     44%   -1%     
======================================
  Files          87      87           
  Lines       11813   11813           
  Branches     1773    1773           
======================================
- Hits         5269    5268    -1     
- Misses       6150    6151    +1     
  Partials      394     394           

Flag	Coverage Δ
#ipv6	16% <ø> (ø)
#py27epolls	?
#py27poll	56% <ø> (-1%)	⬇️
#py27selects	55% <ø> (ø)
#py35epolls	49% <ø> (-1%)	⬇️
#py35poll	49% <ø> (ø)
#py35selects	49% <ø> (-1%)	⬇️
#py36epolls	49% <ø> (ø)
#py36poll	49% <ø> (ø)
#py36selects	49% <ø> (ø)
#py37epolls	?
#py37poll	49% <ø> (-1%)	⬇️
#py37selects	49% <ø> (-1%)	⬇️
#py38epolls	?
#py38poll	41% <ø> (-1%)	⬇️
#py38selects	40% <ø> (-1%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
eventlet/green/ssl.py	48% <0%> (-1%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 44bfc1e...84e6539. Read the comment docs.

[codecov-commenter]

Codecov Report

Merging #643 into master will decrease coverage by 0%.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #643   +/-   ##
======================================
- Coverage      44%     44%   -1%     
======================================
  Files          87      87           
  Lines       11813   11813           
  Branches     1773    1773           
======================================
- Hits         5269    5268    -1     
- Misses       6150    6151    +1     
  Partials      394     394           

Flag	Coverage Δ
#ipv6	16% <ø> (ø)
#py27epolls	?
#py27poll	56% <ø> (-1%)	⬇️
#py27selects	55% <ø> (ø)
#py35epolls	49% <ø> (-1%)	⬇️
#py35poll	49% <ø> (ø)
#py35selects	49% <ø> (-1%)	⬇️
#py36epolls	49% <ø> (ø)
#py36poll	49% <ø> (ø)
#py36selects	49% <ø> (ø)
#py37epolls	?
#py37poll	49% <ø> (-1%)	⬇️
#py37selects	49% <ø> (-1%)	⬇️
#py38epolls	?
#py38poll	41% <ø> (-1%)	⬇️
#py38selects	40% <ø> (-1%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
eventlet/green/ssl.py	48% <0%> (-1%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 44bfc1e...84e6539. Read the comment docs.

[codecov-commenter]

Codecov Report

Merging #643 into master will decrease coverage by 0%.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #643   +/-   ##
======================================
- Coverage      44%     44%   -1%     
======================================
  Files          87      87           
  Lines       11813   11813           
  Branches     1773    1773           
======================================
- Hits         5269    5268    -1     
- Misses       6150    6151    +1     
  Partials      394     394           

Flag	Coverage Δ
#ipv6	16% <ø> (ø)
#py27epolls	?
#py27poll	56% <ø> (-1%)	⬇️
#py27selects	55% <ø> (ø)
#py35epolls	49% <ø> (-1%)	⬇️
#py35poll	49% <ø> (ø)
#py35selects	49% <ø> (-1%)	⬇️
#py36epolls	49% <ø> (ø)
#py36poll	49% <ø> (ø)
#py36selects	49% <ø> (ø)
#py37epolls	?
#py37poll	49% <ø> (-1%)	⬇️
#py37selects	49% <ø> (-1%)	⬇️
#py38epolls	?
#py38poll	41% <ø> (-1%)	⬇️
#py38selects	40% <ø> (-1%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
eventlet/green/ssl.py	48% <0%> (-1%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 44bfc1e...84e6539. Read the comment docs.

[codecov-commenter]

Codecov Report

Merging #643 into master will decrease coverage by 0%.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #643   +/-   ##
======================================
- Coverage      44%     44%   -1%     
======================================
  Files          87      87           
  Lines       11813   11813           
  Branches     1773    1773           
======================================
- Hits         5269    5268    -1     
- Misses       6150    6151    +1     
  Partials      394     394           

Flag	Coverage Δ
#ipv6	16% <ø> (ø)
#py27epolls	?
#py27poll	56% <ø> (-1%)	⬇️
#py27selects	55% <ø> (ø)
#py35epolls	49% <ø> (-1%)	⬇️
#py35poll	49% <ø> (ø)
#py35selects	49% <ø> (-1%)	⬇️
#py36epolls	49% <ø> (ø)
#py36poll	49% <ø> (ø)
#py36selects	49% <ø> (ø)
#py37epolls	?
#py37poll	49% <ø> (-1%)	⬇️
#py37selects	49% <ø> (-1%)	⬇️
#py38epolls	?
#py38poll	41% <ø> (-1%)	⬇️
#py38selects	40% <ø> (-1%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
eventlet/green/ssl.py	48% <0%> (-1%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 44bfc1e...84e6539. Read the comment docs.

[codecov-commenter]

Codecov Report

Merging #643 into master will decrease coverage by 0%.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #643   +/-   ##
======================================
- Coverage      44%     44%   -1%     
======================================
  Files          87      87           
  Lines       11813   11813           
  Branches     1773    1773           
======================================
- Hits         5269    5268    -1     
- Misses       6150    6151    +1     
  Partials      394     394           

Flag	Coverage Δ
#ipv6	16% <ø> (ø)
#py27epolls	?
#py27poll	56% <ø> (-1%)	⬇️
#py27selects	55% <ø> (ø)
#py35epolls	49% <ø> (-1%)	⬇️
#py35poll	49% <ø> (ø)
#py35selects	49% <ø> (-1%)	⬇️
#py36epolls	49% <ø> (ø)
#py36poll	49% <ø> (ø)
#py36selects	49% <ø> (ø)
#py37epolls	?
#py37poll	49% <ø> (-1%)	⬇️
#py37selects	49% <ø> (-1%)	⬇️
#py38epolls	?
#py38poll	41% <ø> (-1%)	⬇️
#py38selects	40% <ø> (-1%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
eventlet/green/ssl.py	48% <0%> (-1%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 44bfc1e...84e6539. Read the comment docs.

[codecov-commenter]

Codecov Report

Merging #643 into master will decrease coverage by 0%.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #643   +/-   ##
======================================
- Coverage      44%     44%   -1%     
======================================
  Files          87      87           
  Lines       11813   11813           
  Branches     1773    1773           
======================================
- Hits         5269    5268    -1     
- Misses       6150    6151    +1     
  Partials      394     394           

Flag	Coverage Δ
#ipv6	16% <ø> (ø)
#py27epolls	?
#py27poll	56% <ø> (-1%)	⬇️
#py27selects	55% <ø> (ø)
#py35epolls	49% <ø> (-1%)	⬇️
#py35poll	49% <ø> (ø)
#py35selects	49% <ø> (-1%)	⬇️
#py36epolls	49% <ø> (ø)
#py36poll	49% <ø> (ø)
#py36selects	49% <ø> (ø)
#py37epolls	?
#py37poll	49% <ø> (-1%)	⬇️
#py37selects	49% <ø> (-1%)	⬇️
#py38epolls	?
#py38poll	41% <ø> (-1%)	⬇️
#py38selects	40% <ø> (-1%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
eventlet/green/ssl.py	48% <0%> (-1%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 44bfc1e...84e6539. Read the comment docs.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (7a80427) 55% compared to head (32dd4fc) 55%.

Additional details and impacted files

@@          Coverage Diff          @@
##           master   #643   +/-   ##
=====================================
  Coverage      55%    55%           
=====================================
  Files          90     90           
  Lines        9855   9855           
  Branches     1827   1827           
=====================================
  Hits         5438   5438           
  Misses       4049   4049           
  Partials      368    368           

Flag	Coverage Δ
ipv6	22% <ø> (ø)
py310asyncio	52% <ø> (-1%)	⬇️
py310epolls	52% <ø> (ø)
py310poll	52% <ø> (ø)
py310selects	52% <ø> (ø)
py311asyncio	52% <ø> (ø)
py311epolls	52% <ø> (ø)
py312asyncio	49% <ø> (+<1%)	⬆️
py312epolls	50% <ø> (+<1%)	⬆️
py37asyncio	49% <ø> (+<1%)	⬆️
py37epolls	50% <ø> (ø)
py38asyncio	?
py38epolls	52% <ø> (ø)
py38openssl	51% <ø> (+<1%)	⬆️
py38poll	52% <ø> (+<1%)	⬆️
py38selects	52% <ø> (ø)
py39asyncio	50% <ø> (+<1%)	⬆️
py39dnspython1	51% <ø> (ø)
py39epolls	52% <ø> (+<1%)	⬆️
py39poll	52% <ø> (-1%)	⬇️
py39selects	52% <ø> (+<1%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[temoto]

@bmwiedemann nice job. Do you want to copy this script to automate creating new short lived certificates?

https://github.com/httplib2/httplib2/blob/master/script/generate-tls

[bmwiedemann]

@bmwiedemann nice job. Do you want to copy this script to automate creating new short lived certificates?

https://github.com/httplib2/httplib2/blob/master/script/generate-tls

That would also work. Could you do it? I can test patches.

[temoto]

This issue is resolved when we don't have fixed certificates in repo.

Sorry, date comparison in 2028 is last priority for me right now.

[bmwiedemann]

It is actually already failing in 2028

openssl x509 -text -in tests/test_server.crt
Not After : Aug 19 13:42:11 2028 GMT

[temoto]

fixed for 28

[4383]

LGTM.

$ openssl x509 -text -in tests/test_server.crt                  
...                                                   
            Not Before: Aug 28 13:15:16 2020 GMT                
            Not After : Dec 31 13:15:17 2049 GMT    

Here is the complete diff between the current cert and the new one:

9,10c9,10
<             Not Before: Aug 22 13:42:11 2018 GMT
<             Not After : Aug 19 13:42:11 2028 GMT
---
>             Not Before: Aug 28 13:15:16 2020 GMT
>             Not After : Dec 31 13:15:17 2049 GMT
44,58c44,58
<         30:b3:bc:d7:b1:fb:70:e6:cf:cf:76:7c:85:01:ff:2a:d1:6a:
<         15:b5:68:bd:96:3b:21:59:f2:6f:4c:53:1f:b8:2a:9d:4a:83:
<         53:fa:42:1e:42:ad:3b:d7:f4:45:5b:d6:0b:a8:36:46:5c:8e:
<         1f:c9:fc:d6:e7:40:3b:c4:59:be:4b:2c:bb:c0:f3:a6:7c:b2:
<         5d:3f:1e:47:44:9e:63:80:80:e5:8a:3f:6f:2f:8e:56:de:65:
<         c4:a2:19:24:cc:c0:9d:8f:05:df:38:84:0f:38:41:31:65:01:
<         c5:e7:b4:5a:1e:52:84:19:ec:5c:ff:2b:ce:2e:53:a0:28:fd:
<         b7:04:e8:01:ee:96:63:08:2f:5d:8a:fc:83:27:71:13:97:38:
<         04:f9:44:f2:98:7c:66:14:cd:22:4c:20:0c:f5:d1:84:97:54:
<         0f:af:bc:c0:d3:ca:cd:81:56:9e:fb:fb:90:92:c7:4c:e7:94:
<         26:40:59:13:01:78:ac:14:f7:31:36:01:d2:28:e4:87:b0:38:
<         94:26:f5:86:ed:b2:6b:c0:ee:be:4f:6c:23:47:15:91:0f:b6:
<         a7:41:5d:c3:a8:11:b5:5a:d7:97:03:f7:5f:62:a8:d4:8b:44:
<         0f:aa:b7:96:a8:d6:fe:dc:e3:3a:d1:4c:0f:26:cb:e5:64:37:
<         d4:ae:c6:d8
---
>         28:c0:3b:bb:6e:ef:fa:0e:e2:c7:c8:db:fc:43:6e:ef:86:c1:
>         d2:d8:86:e0:b8:64:93:96:94:8e:6d:4a:af:20:5d:5f:bf:65:
>         33:8d:29:75:8e:39:a4:37:b2:10:a8:48:d5:ee:a9:7b:36:99:
>         95:1a:fe:6e:e2:ce:6e:28:62:03:f6:ad:04:ab:5c:0d:2a:9a:
>         a9:b3:5e:80:04:e6:fa:23:8d:79:8f:73:4c:ab:ba:fd:6d:23:
>         6b:96:03:c7:ad:26:27:c9:24:b2:37:62:72:89:7c:91:43:dc:
>         31:63:a6:01:40:c1:dc:84:5c:ad:62:e8:bd:fc:0d:d6:c2:6c:
>         df:66:4c:d9:a4:dd:80:5a:50:bf:7a:68:83:95:f6:d6:4f:d6:
>         c5:3b:ab:60:22:6a:c3:dc:12:22:3c:9a:13:b1:ce:52:06:67:
>         af:52:f3:82:e8:b3:cf:20:aa:b7:fd:27:72:c2:00:22:dc:01:
>         8a:73:23:25:2e:11:23:15:7e:65:44:0d:c6:2b:7a:43:b9:d4:
>         6a:29:8d:be:de:7e:96:70:eb:ad:d1:1c:ad:6a:db:0d:62:a2:
>         0c:55:a9:08:18:2e:19:08:b8:ba:f7:14:8b:95:15:55:bf:19:
>         df:1a:02:71:c3:e9:87:2e:d9:50:c4:3c:f6:1a:84:3e:5c:05:
>         bc:61:ff:07
63c63
< KoZIhvcNAQkBFgRUZXN0MB4XDTE4MDgyMjEzNDIxMVoXDTI4MDgxOTEzNDIxMVow
---
> KoZIhvcNAQkBFgRUZXN0MB4XDTIwMDgyODEzMTUxNloXDTQ5MTIzMTEzMTUxN1ow
74,80c74,80
< 7zAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAws7zXsftw5s/P
< dnyFAf8q0WoVtWi9ljshWfJvTFMfuCqdSoNT+kIeQq071/RFW9YLqDZGXI4fyfzW
< 50A7xFm+Syy7wPOmfLJdPx5HRJ5jgIDlij9vL45W3mXEohkkzMCdjwXfOIQPOEEx
< ZQHF57RaHlKEGexc/yvOLlOgKP23BOgB7pZjCC9divyDJ3ETlzgE+UTymHxmFM0i
< TCAM9dGEl1QPr7zA08rNgVae+/uQksdM55QmQFkTAXisFPcxNgHSKOSHsDiUJvWG
< 7bJrwO6+T2wjRxWRD7anQV3DqBG1WteXA/dfYqjUi0QPqreWqNb+3OM60UwPJsvl
< ZDfUrsbY
---
> 7zAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAowDu7bu/6DuLH
> yNv8Q27vhsHS2IbguGSTlpSObUqvIF1fv2UzjSl1jjmkN7IQqEjV7ql7NpmVGv5u
> 4s5uKGID9q0Eq1wNKpqps16ABOb6I415j3NMq7r9bSNrlgPHrSYnySSyN2JyiXyR
> Q9wxY6YBQMHchFytYui9/A3WwmzfZkzZpN2AWlC/emiDlfbWT9bFO6tgImrD3BIi
> PJoTsc5SBmevUvOC6LPPIKq3/SdywgAi3AGKcyMlLhEjFX5lRA3GK3pDudRqKY2+
> 3n6WcOut0RytatsNYqIMVakIGC4ZCLi69xSLlRVVvxnfGgJxw+mHLtlQxDz2GoQ+
> XAW8Yf8H

According to our recent changes [1] against the maintenance policy of eventlet, 2049 enoughly far away from us to lead the retirement of eventlet. I don't think we need to automatize this part.

Thanks for your comments and for this patch.

[1] 7662654