[pbs-devel] [PATCH v2 backup 05/27] CertInfo: add not_{after, before}_unix

Wolfgang Bumiller w.bumiller at proxmox.com
Thu Apr 29 09:14:14 CEST 2021


On Thu, Apr 29, 2021 at 09:08:03AM +0200, Dietmar Maurer wrote:
> 
> On 4/29/21 9:01 AM, Wolfgang Bumiller wrote:
> > On Thu, Apr 29, 2021 at 08:13:19AM +0200, Dietmar Maurer wrote:
> > > Seems I can do it without foreign-types:
> > > 
> > > fn asn1_time_to_unix(time: &openssl::asn1::Asn1TimeRef) -> Result<i64,
> > > Error> {
> > >      let epoch0 = openssl::asn1::Asn1Time::from_unix(0)?;
> > >      let diff = epoch0.diff(time)?;
> > >      let seconds = (diff.days as i64) * 24*60*60 + (diff.secs as i64);
> > >      Ok(seconds)
> > > }
> > > 
> > > Any objections?
> > Yes, for 2 reasons:
> > * openssl does provide the functionality and the dependency is already
> >    in our tree because openssl pulls it in
> > * 1100 days in already covers 3 leap seconds and I don't want to worry
> >    about whether `diff.days` takes that into account, the best time math
> >    is no time math at all
> 
> Agreed, but your code is unsafe and hard to read. IMHO that whole
> foreign_type thing is hard to understand. And Unix Epoch does not care about
> leap seconds, so why should we do?

Because the diff method doesn't give you a unix epoch, it gives you a
number of days without context which originally come from calendar
dates, and this way days aren't well-enough defined for my taste.





More information about the pbs-devel mailing list