tomaswolf commented on a change in pull request #198:
URL: https://github.com/apache/mina-sshd/pull/198#discussion_r641363368
##########
File path:
sshd-common/src/main/java/org/apache/sshd/common/config/keys/OpenSshCertificate.java
##########
@@ -91,7 +104,83 @@
*/
static boolean isValidNow(OpenSshCertificate cert) {
long now = TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis());
- return Long.compareUnsigned(cert.getValidAfter(), now) <= 0
- && Long.compareUnsigned(now, cert.getValidBefore()) < 0;
+ return Long.compareUnsigned(cert.getValidAfterEpochSeconds(), now) <= 0
+ && Long.compareUnsigned(now,
cert.getValidBeforeEpochSeconds()) < 0;
+ }
+
+ /**
+ * According to <A HREF=
+ *
"https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys#L222-L262";>PROTOCOL.certkeys</A>:
+ *
+ * Critical Options is a set of bytes that is
+ *
+ * [overall length][name(string)][data(string)]...
+ *
+ * Where each Critical Option is encoded as a name (string) and data
(string)
+ *
+ * Then the entire name + data strings are added as bytes (which will get
a length prefix)
+ */
+ class CriticalOption {
Review comment:
This is used for both getCriticalOptions() and for getExtensions().
Extensions are not critical options. I'd rename this to just "Options" or
"CertificateOption" or some such.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org
