[glib-networking/wip/smcv/time-t] tests: Accept GNUTLS' workaround for limited size of time_t

From: Simon McVittie <smcv src gnome org>
To: commits-list gnome org
Cc:
Subject: [glib-networking/wip/smcv/time-t] tests: Accept GNUTLS' workaround for limited size of time_t
Date: Mon, 20 Sep 2021 18:55:37 +0000 (UTC)


commit fe363b0200e1175142a727ba9ff1c4210ca8e602
Author: Simon McVittie <smcv debian org>
Date:   Mon Sep 20 18:57:22 2021 +0100

    tests: Accept GNUTLS' workaround for limited size of time_t
    
    GNUTLS' API for exposing expiration dates is based on time_t, so on
    most 32-bit architectures it reports far-future expiration dates as
    a rather arbitrary 2037-12-31 23:23:23.
    
    Resolves: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/172
    Signed-off-by: Simon McVittie <smcv debian org>

 tls/tests/certificate.c | 19 ++++++++++++++++++-
 tls/tests/meson.build   |  1 +
 2 files changed, 19 insertions(+), 1 deletion(-)
---
diff --git a/tls/tests/certificate.c b/tls/tests/certificate.c
index c0100d30..dc3433fd 100644
--- a/tls/tests/certificate.c
+++ b/tls/tests/certificate.c
@@ -672,6 +672,12 @@ test_certificate_not_valid_before (void)
   g_object_unref (cert);
 }
 
+/* On 32-bit, GNUTLS caps expiry times at 2037-12-31 23:23:23 to avoid
+ * overflowing time_t. Hopefully by 2037, either 32-bit will finally have
+ * died out, or GNUTLS will rethink its approach to
+ * https://gitlab.com/gnutls/gnutls/-/issues/370 */
+#define GNUTLS_32_BIT_NOT_VALID_AFTER_MAX 2145914603
+
 static void
 test_certificate_not_valid_after (void)
 {
@@ -686,7 +692,18 @@ test_certificate_not_valid_after (void)
   actual = g_tls_certificate_get_not_valid_after (cert);
   g_assert_nonnull (actual);
   actual_str = g_date_time_format_iso8601 (actual);
-  g_assert_cmpstr (actual_str, ==, EXPECTED_NOT_VALID_AFTER);
+
+#if SIZEOF_TIME_T <= 4
+  if (g_date_time_to_unix (actual) == GNUTLS_32_BIT_NOT_VALID_AFTER_MAX)
+    {
+      g_test_incomplete ("not-valid-after date not representable on 32-bit");
+    }
+  else
+#endif
+    {
+      g_assert_cmpstr (actual_str, ==, EXPECTED_NOT_VALID_AFTER);
+    }
+
   g_free (actual_str);
   g_date_time_unref (actual);
   g_object_unref (cert);
diff --git a/tls/tests/meson.build b/tls/tests/meson.build
index e9c7d8c6..7415f913 100644
--- a/tls/tests/meson.build
+++ b/tls/tests/meson.build
@@ -69,6 +69,7 @@ foreach backend: backends
     test_cflags = cflags + [
       '-DBACKEND="@0@"'.format(backend),
       '-DBACKEND_IS_' + backend.to_upper(),
+      '-DSIZEOF_TIME_T=@0@'.format(cc.sizeof('time_t', prefix: '#include <time.h>')),
     ]
 
     if backend == 'openssl'

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]