1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
Work around a year-2038 issue when building with a 32-bit 'time_t'
on 32-bit platforms:
https://gitlab.gnome.org/GNOME/glib-networking/-/issues/172
From 4f8ca86a0e460794188c3355f0c7cc11fdbe4229 Mon Sep 17 00:00:00 2001
From: Simon McVittie <simon.mcvittie@collabora.co.uk>
Date: Tue, 21 Sep 2021 17:07:44 +0000
Subject: [PATCH] tests: Accept GNUTLS' workaround for limited size of time_t
---
tls/tests/certificate.c | 15 +++++++++++++++
tls/tests/meson.build | 1 +
2 files changed, 16 insertions(+)
diff --git a/tls/tests/certificate.c b/tls/tests/certificate.c
index c0100d30..d216c710 100644
--- a/tls/tests/certificate.c
+++ b/tls/tests/certificate.c
@@ -672,6 +672,12 @@ test_certificate_not_valid_before (void)
g_object_unref (cert);
}
+/* On 32-bit, GNUTLS caps expiry times at 2037-12-31 23:23:23 to avoid
+ * overflowing time_t. Hopefully by 2037, either 32-bit will finally have
+ * died out, or GNUTLS will rethink its approach to
+ * https://gitlab.com/gnutls/gnutls/-/issues/370 */
+#define GNUTLS_32_BIT_NOT_VALID_AFTER_MAX 2145914603
+
static void
test_certificate_not_valid_after (void)
{
@@ -686,7 +692,16 @@ test_certificate_not_valid_after (void)
actual = g_tls_certificate_get_not_valid_after (cert);
g_assert_nonnull (actual);
actual_str = g_date_time_format_iso8601 (actual);
+
+#if SIZEOF_TIME_T <= 4
+ if (g_date_time_to_unix (actual) == GNUTLS_32_BIT_NOT_VALID_AFTER_MAX)
+ g_test_incomplete ("not-valid-after date not representable on 32-bit");
+ else
+ g_assert_cmpstr (actual_str, ==, EXPECTED_NOT_VALID_AFTER);
+#else
g_assert_cmpstr (actual_str, ==, EXPECTED_NOT_VALID_AFTER);
+#endif
+
g_free (actual_str);
g_date_time_unref (actual);
g_object_unref (cert);
diff --git a/tls/tests/meson.build b/tls/tests/meson.build
index e9c7d8c6..7415f913 100644
--- a/tls/tests/meson.build
+++ b/tls/tests/meson.build
@@ -69,6 +69,7 @@ foreach backend: backends
test_cflags = cflags + [
'-DBACKEND="@0@"'.format(backend),
'-DBACKEND_IS_' + backend.to_upper(),
+ '-DSIZEOF_TIME_T=@0@'.format(cc.sizeof('time_t', prefix: '#include <time.h>')),
]
if backend == 'openssl'
|