tlsdate built on system time in the future - guess what.
Opened this issue · 5 comments
Erm, it might seem silly, but I just built tlsdate and it wasn't very useful until I realized I had a wrong system time set. This lead to a lot of fun here:
# tlsdate -v -t
V: tlsdate version 0.0.12
V: We were called with the following arguments:
V: validate SSL certificates host = www.ptb.de:443
V: RECENT_COMPILE_DATE is 1421747603.000000
V: time is currently 1421748571.341950093
V: time is greater than RECENT_COMPILE_DATE
V: using TLSv1_client_method()
V: Using OpenSSL for SSL
V: opening socket to www.ptb.de:443
V: In TLS response, T=1421744974
V: certificate verification passed
V: commonName matched: www.ptb.de
V: subjectAltName matched: www.ptb.de, type: DNS
V: hostname verification passed
V: key type: EVP_PKEY_RSA
V: keybits: 2048
V: server time 1421744974 (difference is about 3597 s) was fetched in 308 ms
remote server is a false ticker!
As I can see, you're comparing the compile time with the server time which of course spawns a false time when the time was wrong in the first place.
Can't you remove that part?
The thing about my system having a wrong time was what I was trying to fix here...
So why is this issue closed?
The issue was stale for a whole year. Upstream must be believing problems just disappear on their own when you ignore them long enough.
Reading around on the bugtracker, I'll just refer you to #199
Right, thanks. The project seems abandoned.
I like your Mediterranean developer classification, by the way. :) It' s a pity you've edited...
Under consideration I demed it a bit over the line. :)
:)