13963 – Backport Heimdal time_t -> int64_t for cert timestamps

Bug 13963 - Backport Heimdal time_t -> int64_t for cert timestamps

Summary: Backport Heimdal time_t -> int64_t for cert timestamps

Status:	RESOLVED INVALID

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	AD: LDB/DSDB/SAMDB (show other bugs)
Version:	4.10.3
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	Samba QA Contact

URL:	https://github.com/heimdal/heimdal/pu...
Keywords:

Depends on:
Blocks:

Reported:	2019-05-22 22:26 UTC by Andrew Bartlett
Modified:	2019-05-24 01:43 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andrew Bartlett 2019-05-22 22:26:16 UTC

We should backport this once it lands and has a final commit hash

  Author: Jeffrey Altman <jaltman@secure-endpoints.com>
  Date:   2019-05-22 (Wed, 22 May 2019)

  Changed paths:
    M lib/hx509/ca.c
    M lib/hx509/cert.c
    M lib/hx509/cms.c
    M lib/hx509/hx_locl.h
    M lib/hx509/hxtool.c
    M lib/hx509/print.c
    M lib/hx509/revoke.c

  Log Message:
  -----------
  hx509: replace time_t with int64_t for cert timestamps

On platforms with 32-bit time_t (e.g. Linux i386), certificates
with timestamps later than 03:14:07 UTC on 19 January 2038 fail
to be processed correctly.

Recent changes to include certificates in the test suite with
500 year lifetimes cause the test suite to fail on these platforms.

This change replaces all use of time_t with int64_t to permit
uniform processing of certificate timestamps on all platforms.

Change-Id: I8ada6392478f39862c62d5b6490682b026e49261

Comment 1 Andrew Bartlett 2019-05-24 01:43:16 UTC

This turns out to be the generic time_t on 32 bit problem, needing glibc changes.

Closing.

See  https://github.com/heimdal/heimdal/pull/583 for more detail.