From a8b9da1ecb09f7980b003a55c4cacba06516c5a7 Mon Sep 17 00:00:00 2001
From: George Adams <georgeadams1995@gmail.com>
Date: Tue, 27 Aug 2024 10:03:01 +0100
Subject: [PATCH] add test

---
 .../certs_duplicate_cn/cert1.crt                | 17 +++++++++++++++++
 .../certs_duplicate_cn/cert2.crt                | 17 +++++++++++++++++
 .test/tests/java-ca-certificates-update/run.sh  | 16 ++++++++++++++++
 3 files changed, 50 insertions(+)
 create mode 100644 .test/tests/java-ca-certificates-update/certs_duplicate_cn/cert1.crt
 create mode 100644 .test/tests/java-ca-certificates-update/certs_duplicate_cn/cert2.crt

diff --git a/.test/tests/java-ca-certificates-update/certs_duplicate_cn/cert1.crt b/.test/tests/java-ca-certificates-update/certs_duplicate_cn/cert1.crt
new file mode 100644
index 000000000..50e111da9
--- /dev/null
+++ b/.test/tests/java-ca-certificates-update/certs_duplicate_cn/cert1.crt
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICzDCCAbSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAYMRYwFAYDVQQDDA1kb2Nr
+ZXJidWlsZGVyMB4XDTI0MDgyNzA5MDIwMFoXDTI1MDgyNzA5MDIwMFowGDEWMBQG
+A1UEAwwNZG9ja2VyYnVpbGRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBANIIAbZXdD1qOy/cdaLN0p7emnRUMgMhhL91F7/GA3LBCyURSBTNuaI2ibq+
+BxUjldsv8HOaesLG0Au4iaggnMK6YPHThDOqOw6ME4ghAD/10l6lHf+kTRvN4eC9
+bv3H1jieejVFIgienFfuFKcsNCFKPp4Rh7+D5HHJ3wtBVfaLT4K4q46Qlvkow7s8
+cQ3WSdvpsLDZo7cN1fRWMNHhDFbIs/DGkbhZUAxxUkUoUPyn+zvpRTY6QXoAQe57
+ed9qhhXQcpbHtHN8ecTenC2KEXQuGC0/KaqEJgTqE5W7Ihg0EvGeYpzdSt6ELSFx
+WL3COwk/xTCcIqBPSiYmwPMKmd0CAwEAAaMhMB8wHQYDVR0OBBYEFCspyA0xL4b+
+2/cDj4tGqxI9L0/KMA0GCSqGSIb3DQEBCwUAA4IBAQC/UmqrbRfvmK5YX6uCBVA0
+SczwSuQRM7Zgi8PMCKLH4NvoeP6cYnAc46uaO3sp9iAv/LCw7Rw7A/LvZWmVCYPp
+AstB6kI7nTDHULRGEk3aUar7B8uAVbMNF9V8iOnlk2G2qTvHMW9I4rGtQKqK6YXd
+0m2XZ6UOEzNBPKDHqFfNOYpo1qts5CDLynGIX0tFTSlks5BMrV13xn/4giRj4UHY
+bmElscCTfR/anNxGIBUp7dqGsv4zOeCE6kac4vsENyS+x+a8W0yveTY+TQnfKalT
+KjZXCkPsZp2vZY6eCv2/09L94nXGMB40NDVOaDD/d2fZuQPadRTsF4AqEt9CsN5n
+-----END CERTIFICATE-----
diff --git a/.test/tests/java-ca-certificates-update/certs_duplicate_cn/cert2.crt b/.test/tests/java-ca-certificates-update/certs_duplicate_cn/cert2.crt
new file mode 100644
index 000000000..c4cb6c73e
--- /dev/null
+++ b/.test/tests/java-ca-certificates-update/certs_duplicate_cn/cert2.crt
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICzDCCAbSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAYMRYwFAYDVQQDDA1kb2Nr
+ZXJidWlsZGVyMB4XDTI0MDgyNzA5MDIwNFoXDTI1MDgyNzA5MDIwNFowGDEWMBQG
+A1UEAwwNZG9ja2VyYnVpbGRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBANIIAbZXdD1qOy/cdaLN0p7emnRUMgMhhL91F7/GA3LBCyURSBTNuaI2ibq+
+BxUjldsv8HOaesLG0Au4iaggnMK6YPHThDOqOw6ME4ghAD/10l6lHf+kTRvN4eC9
+bv3H1jieejVFIgienFfuFKcsNCFKPp4Rh7+D5HHJ3wtBVfaLT4K4q46Qlvkow7s8
+cQ3WSdvpsLDZo7cN1fRWMNHhDFbIs/DGkbhZUAxxUkUoUPyn+zvpRTY6QXoAQe57
+ed9qhhXQcpbHtHN8ecTenC2KEXQuGC0/KaqEJgTqE5W7Ihg0EvGeYpzdSt6ELSFx
+WL3COwk/xTCcIqBPSiYmwPMKmd0CAwEAAaMhMB8wHQYDVR0OBBYEFCspyA0xL4b+
+2/cDj4tGqxI9L0/KMA0GCSqGSIb3DQEBCwUAA4IBAQAbEOXj4VHl3BvmoLEw3ykk
+5c4CZwTuKOm7gh6MJB6iPZIord/LyjLoMh/Mbhy5uNNKxyA53aeZzsc3q35Uks9K
+Tm02Pz6LQ3gMBvXQ/FfFu1+RXHbDOD5I9enrEsXTx4PGylFv8/9LqBfGiFGxPy6a
+C8s8d22AZsL1P6iwxNoQgfBSSqZhH/mKJyYqFwlqBmo/PQTVt2noWP6afBOfUs4W
+AGaeJUexLAem487MlPuzaSAr397zhvCVt7GNAkMwzU2KxH9auJ/5NFy1YyDSgsa0
+9rcy1gZGzJdOR2AbOZ1FXXqsw91S5SAzb+qR54KIusJ4ON+bPaQc7ZtnNKvbnBxG
+-----END CERTIFICATE-----
diff --git a/.test/tests/java-ca-certificates-update/run.sh b/.test/tests/java-ca-certificates-update/run.sh
index ca7f72d87..aea9b89c8 100755
--- a/.test/tests/java-ca-certificates-update/run.sh
+++ b/.test/tests/java-ca-certificates-update/run.sh
@@ -75,6 +75,14 @@ echo -n $?
 docker run --rm -e USE_SYSTEM_CA_CERTS=1 --volume=$testDir/certs:/certificates "$TESTIMAGE" "${CMD2[@]}" >&/dev/null
 echo -n $?
 
+# Test run 7: Two certificates with the same CN are mounted and the environment variable is set. 
+# We expect both CMD1 to succeed and CMD2 to find both certificates.
+docker run --rm -e USE_SYSTEM_CA_CERTS=1 --volume=$testDir/certs_duplicate_cn:/certificates "$1" $CMD1 >&/dev/null
+echo -n $?
+CMD3=(sh -c "keytool -list -keystore \"\$JRE_CACERTS_PATH\"  -storepass changeit -alias dockerbuilder1 && keytool -list -keystore \"\$JRE_CACERTS_PATH\" -storepass changeit -alias dockerbuilder2")
+docker run --rm -e USE_SYSTEM_CA_CERTS=1 --volume=$testDir/certs_duplicate_cn:/certificates "$1" "${CMD3[@]}" >&/dev/null
+echo -n $?
+
 #
 # PHASE 2: Non-root containers
 #
@@ -119,3 +127,11 @@ docker run --read-only --user 1000:1000 -v /tmp --rm -e USE_SYSTEM_CA_CERTS=1 --
 echo -n $?
 docker run --read-only --user 1000:1000 -v /tmp --rm -e USE_SYSTEM_CA_CERTS=1 --volume=$testDir/certs:/certificates "$TESTIMAGE" "${CMD2[@]}" >&/dev/null
 echo -n $?
+
+# Test run 7: Two certificates with the same CN are mounted and the environment variable is set. 
+# We expect both CMD1 to succeed and CMD2 to find both certificates.
+docker run --read-only --user 1000:1000 -v /tmp --rm -e USE_SYSTEM_CA_CERTS=1 --volume=$testDir/certs_duplicate_cn:/certificates "$1" $CMD1 >&/dev/null
+echo -n $?
+CMD3=(sh -c "keytool -list -keystore \"\$JRE_CACERTS_PATH\"  -storepass changeit -alias dockerbuilder1 && keytool -list -keystore \"\$JRE_CACERTS_PATH\" -storepass changeit -alias dockerbuilder2")
+docker run --read-only --user 1000:1000 -v /tmp --rm -e USE_SYSTEM_CA_CERTS=1 --volume=$testDir/certs_duplicate_cn:/certificates "$1" "${CMD3[@]}" >&/dev/null
+echo -n $?