JD, * Joshua D. Drake ([email protected]) wrote: > In my quest to understand how all the logging etc works with > authentication I came across the area of crypt.c that checks for > valid_until but it seems like it has an extraneous check. > > If I am wrong I apologize for the noise but wouldn't mind an explanation.
Alright, there probably aren't too many people out there running with
their clock set to pre-2000, but wouldn't this end up giving the wrong
result in those cases, as GetCurrentTimestamp() would end up returning a
negative value, which would make it less than vuntil's default of zero?
Perhaps we could change what vuntil is set to by default, but I think
it's probably better to keep things as-is; we should really be checking
for null cases explicitly in general.
Thanks,
Stephen
signature.asc
Description: Digital signature
