[strongSwan] wrong expiry date on amd64?
andreas.steffen at strongswan.org
Mon May 23 15:47:17 CEST 2011
it seems that on your amd64 "time_t" is defined as a 32 bit signed
integer and not a 64 bit signed integer as should be the case on
platforms with a 64 bit OS. I remember successfully running unit tests
with dates after 2038 on my amd64 box where time_t was definitively
With 32 bits, time_t wraps around again in 2106 so that 2110 would
in fact be represented as 1974.
On 23.05.2011 14:01, Niels Peen wrote:
> While experimenting with a CA certificate due to expire in 2110 I
> noticed this works fine on some servers, but not on others. In all cases
> the Strongswan version is 4.4.1. As I did not notice any date related
> bugfixes in the Changelog I've not yet tried a newer version.
> On the servers where this does not work, Strongswan claims the
> certificate expires in 1974. OpenSSL correctly report 2110 on all
> servers. Also OpenVPN, which uses the same certificate, works fine on
> all servers.
> The failing servers happen to be amd64, whereas the one server that
> works normally is 686. I'm not sure that's related though.
> Has anyone else tried CA certificates with an expiry date that far in
> the future on amd64?
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
More information about the Users