Package: glib-networking / 2.70.0-1

tests-Accept-GNUTLS-workaround-for-limited-size-of-time_t.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
From: Simon McVittie <smcv@debian.org>
Date: Mon, 20 Sep 2021 18:57:22 +0100
Subject: tests: Accept GNUTLS' workaround for limited size of time_t

GNUTLS' API for exposing expiration dates is based on time_t, so on
most 32-bit architectures it reports far-future expiration dates as
a rather arbitrary 2037-12-31 23:23:23.

Bug: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/172
Forwarded: https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/188
Signed-off-by: Simon McVittie <smcv@debian.org>
---
 tls/tests/certificate.c | 19 ++++++++++++++++++-
 tls/tests/meson.build   |  1 +
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/tls/tests/certificate.c b/tls/tests/certificate.c
index c0100d3..dc3433f 100644
--- a/tls/tests/certificate.c
+++ b/tls/tests/certificate.c
@@ -672,6 +672,12 @@ test_certificate_not_valid_before (void)
   g_object_unref (cert);
 }
 
+/* On 32-bit, GNUTLS caps expiry times at 2037-12-31 23:23:23 to avoid
+ * overflowing time_t. Hopefully by 2037, either 32-bit will finally have
+ * died out, or GNUTLS will rethink its approach to
+ * https://gitlab.com/gnutls/gnutls/-/issues/370 */
+#define GNUTLS_32_BIT_NOT_VALID_AFTER_MAX 2145914603
+
 static void
 test_certificate_not_valid_after (void)
 {
@@ -686,7 +692,18 @@ test_certificate_not_valid_after (void)
   actual = g_tls_certificate_get_not_valid_after (cert);
   g_assert_nonnull (actual);
   actual_str = g_date_time_format_iso8601 (actual);
-  g_assert_cmpstr (actual_str, ==, EXPECTED_NOT_VALID_AFTER);
+
+#if SIZEOF_TIME_T <= 4
+  if (g_date_time_to_unix (actual) == GNUTLS_32_BIT_NOT_VALID_AFTER_MAX)
+    {
+      g_test_incomplete ("not-valid-after date not representable on 32-bit");
+    }
+  else
+#endif
+    {
+      g_assert_cmpstr (actual_str, ==, EXPECTED_NOT_VALID_AFTER);
+    }
+
   g_free (actual_str);
   g_date_time_unref (actual);
   g_object_unref (cert);
diff --git a/tls/tests/meson.build b/tls/tests/meson.build
index e9c7d8c..7415f91 100644
--- a/tls/tests/meson.build
+++ b/tls/tests/meson.build
@@ -69,6 +69,7 @@ foreach backend: backends
     test_cflags = cflags + [
       '-DBACKEND="@0@"'.format(backend),
       '-DBACKEND_IS_' + backend.to_upper(),
+      '-DSIZEOF_TIME_T=@0@'.format(cc.sizeof('time_t', prefix: '#include <time.h>')),
     ]
 
     if backend == 'openssl'