tomaswolf commented on a change in pull request #198:
URL: https://github.com/apache/mina-sshd/pull/198#discussion_r641700724
##########
File path:
sshd-common/src/main/java/org/apache/sshd/common/config/keys/OpenSshCertificate.java
##########
@@ -52,26 +57,34 @@
Collection<String> getPrincipals();
/**
- * Retrieves the time in number of seconds since the {@link
java.time.Instant#EPOCH} at which this certificate
- * becomes or became valid.
- *
- * @return the number of seconds since the Instant.EPOCH <em>as an
unsigned 64bit value</em>
- * @see {{@link #isValidNow(OpenSshCertificate)}
+ * When null, implies forever
*/
- long getValidAfter();
+ Instant getValidAfter();
+
+ default long getValidAfterEpochSeconds() {
+ if (getValidAfter() == null) {
+ return VALID_AFTER_FOREVER_EPOCH;
+ }
+ return getValidAfter().getEpochSecond();
Review comment:
My point was not that someone would try to specify pre-1970 dates. The
point was: if a certificate has a validAfter/Before >= 0x8000_0000_0000_0000
(unsigned long), that's a time some 300 billion years in the future. If this is
passed to Instant.ofEpochSecond(), you get an exception. Some other large
values (>= 0xff8f_e310_1464_1400 in unsigned long; Instant.MIN_SECOND) are even
much farther in the future but will be taken as negative values and yield
pre-1970 instants in Java instead.
Exactly:
> -V 'always:20220101' versus -V '19700101:20220101' yield identical values.
So zero is not special; but OpenSSH has a special token "always" for it.
If the 64bit value is >= Instant.MAX_SECOND (0x70_1cd2_fa95_78ffL) or,
interpreted as signed, is <= Instant.MIN_SECOND, converting the 64bit value to
an Instant is going to be problematic.
So... full round-tripping with Instant is not possible. If you want full
round-tripping capabilities, long and being careful as a developer is the only
way.
For _setting_ validAfter/validBefore, Instant is the right interface if
there is a validation that the `value == null || value.compareTo(Instant.EPOCH)
>= 0`, serializing null as 0xffff_ffff_ffff_ffffL and Instant.getEpochSecond()
otherwise. For decoding the timestamp of a certificate, one would have to
handle the special cases:
- value in the range [0 .. Instant.MAX_SECOND]: Instant.ofEpochSecond(value)
- 0xffff_ffff_ffff_ffffL: null
- any other: Instant.MAX
Instant.MAX is still nearly a billion years in the future, which is good
enough for all practical purposes.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org
