Re: ntpd constraint validation shows timestamp from 1899

Fri, 07 Jan 2022 02:57:09 -0800 

On 2022-01-07 08:02 +01, Otto Moerbeek <[email protected]> wrote:
> On Thu, Jan 06, 2022 at 04:02:20PM +0100, Florian Obser wrote:
>
>> On 2022-01-06 08:44 +01, Otto Moerbeek <[email protected]> wrote:
>> > On Thu, Jan 06, 2022 at 08:38:37AM +0100, Otto Moerbeek wrote:
>> >> Looking at the loop again and seeing the "maximum length exceeded" I
>> >> think what has happened is that the loop exited without reading the
>> >> Date: line and so no call to strptime() happened at all.
>> >> 
>> >> The code could be improved a bit by returning -1 in that case.
>> >> 
>> >>   -Otto
>> >> 
>> >
>> > Like this 
>> >
>> 
>> OK florian
>> 
>> p.s.: I have to say I find this code rather convoluted, figuring out
>> that this is actually correct took me way too long. (httpsdate is
>> allocated with calloc one function up and one to the left and nothing
>> touches tls_tm in between).
>
> I thought about introducing a local var that gets set on a succesful
> strptime() call but decided against that as their *should* only be one
> source for it to be filled in. As for the
>
>       allocate()
>       call some functions and cleanup() in the last
>
> I like this structure better:
>
>       allocate()
>       call some deep functions
>       cleanup()
>
> Dunno if the current code allows restructuring in this way.

Yeah, I undestand this is just how you found it...

Maybe someday someone finds the time and energy to shine this turd a bit
more. Heck, might even be me ;)

>
>       -Otto
>
>> 
>> > Index: constraint.c
>> > ===================================================================
>> > RCS file: /cvs/src/usr.sbin/ntpd/constraint.c,v
>> > retrieving revision 1.52
>> > diff -u -p -r1.52 constraint.c
>> > --- constraint.c   16 Jul 2021 13:59:10 -0000      1.52
>> > +++ constraint.c   6 Jan 2022 07:43:52 -0000
>> > @@ -1019,7 +1019,7 @@ httpsdate_request(struct httpsdate *http
>> >                &httpsdate->tls_tm) == NULL) {
>> >                    log_warnx("unsupported date format");
>> >                    free(line);
>> > -                  return (-1);
>> > +                  goto fail;
>> >            }
>> >  
>> >            free(line);
>> > @@ -1027,6 +1027,8 @@ httpsdate_request(struct httpsdate *http
>> >   next:
>> >            free(line);
>> >    }
>> > +  if (httpsdate->tls_tm.tm_year == 0)
>> > +          goto fail;
>> >  
>> >    /*
>> >     * Now manually check the validity of the certificate presented in the
>> >
>> 
>> -- 
>> I'm not entirely sure you are real.
>> 

-- 
I'm not entirely sure you are real.

Reply via email to