Rusty Russell <ru...@rustcorp.com.au> wrote: > > (Side note: I hope people realize that the random key is generated > > with a 100-year lifespan. So if you build a kernel today, you do > > potentially have a "year-2112 problem". I'm not horribly worried, but > > I *am* a bit worried about 32-bit time_t overflow and I hope 32-bit > > openssl doesn't do anything odd) > > Yep, David's original patch had that problem; he fixed the kernel's x509 > handling to use struct tm, not time_t, and now it Just Works.
That's assuming that 32-bit *openssl* gets it right when generating the key. Trying it on my 32-bit laptop, I see: 154:d=3 hl=2 l= 15 prim: GENERALIZEDTIME :21120925112014Z so I guess it does. David -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/