On Thu, Dec 29, 2005 at 02:44:18PM +0100, Peter Sylvester wrote: > > I saw in the lastest snapshots that in the ssl library the fundction > time has been casted to an unsigned long. > This seems to be some hack to cover the 2038 problem on 32 bit machines. > I am not sure > whether the attempted solution is good: > > As far as I see the only usage is to determine whether a timeout has > occured. How much can a > session last? More than 20 years? If not, I think one should define a > notion of epoch which > covers the problem that it seems to be undefined whether in 2038 the > value goes to 0 or to > a large negative value depending on the implementation. I.e. > the time is also initialized with time(NULL)|x3fffffff > and in ssl_sess.c > if (ret->time+ter->timeout < (time(NULL) | x7fffffff) > and similar in ssl_bio etc.
The proper way to do a check for a timeout is: time(NULL) - ret->time > ter->timeout Or something simular, the important part is the substraction of the 2 time variables. This will avoid any problems you have with overflows. If time(NULL) has overflown, the substraction of time(NULL) with ret->time will still give a positive number. PS: Depending on the platform, time_t can be signed or unsigned. Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
