From 6437685130b68670888db1d0551f5464d56c4cec Mon Sep 17 00:00:00 2001 |
|
From: Greg Hudson <ghudson@mit.edu> |
|
Date: Sat, 22 Apr 2017 09:49:12 -0400 |
|
Subject: [PATCH] Add timestamp helper functions |
|
|
|
Add k5-int.h helper functions to manipulate krb5_timestamp values, |
|
avoiding undefined behavior and treating negative timestamp values as |
|
times between 2038 and 2106. Add a doxygen comment for krb5_timestamp |
|
indicating how third-party code should use it safely. |
|
|
|
ticket: 8352 |
|
(cherry picked from commit 58e9155060cd93b1a7557e37fbc9b077b76465c2) |
|
--- |
|
src/include/k5-int.h | 31 +++++++++++++++++++++++++++++++ |
|
src/include/krb5/krb5.hin | 9 +++++++++ |
|
2 files changed, 40 insertions(+) |
|
|
|
diff --git a/src/include/k5-int.h b/src/include/k5-int.h |
|
index 06ca2b66d..82ee20760 100644 |
|
--- a/src/include/k5-int.h |
|
+++ b/src/include/k5-int.h |
|
@@ -2353,6 +2353,37 @@ k5memdup0(const void *in, size_t len, krb5_error_code *code) |
|
return ptr; |
|
} |
|
|
|
+/* Convert a krb5_timestamp to a time_t value, treating the negative range of |
|
+ * krb5_timestamp as times between 2038 and 2106 (if time_t is 64-bit). */ |
|
+static inline time_t |
|
+ts2tt(krb5_timestamp timestamp) |
|
+{ |
|
+ return (time_t)(uint32_t)timestamp; |
|
+} |
|
+ |
|
+/* Return the delta between two timestamps (a - b) as a signed 32-bit value, |
|
+ * without relying on undefined behavior. */ |
|
+static inline krb5_deltat |
|
+ts_delta(krb5_timestamp a, krb5_timestamp b) |
|
+{ |
|
+ return (krb5_deltat)((uint32_t)a - (uint32_t)b); |
|
+} |
|
+ |
|
+/* Increment a timestamp by a signed 32-bit interval, without relying on |
|
+ * undefined behavior. */ |
|
+static inline krb5_timestamp |
|
+ts_incr(krb5_timestamp ts, krb5_deltat delta) |
|
+{ |
|
+ return (krb5_timestamp)((uint32_t)ts + (uint32_t)delta); |
|
+} |
|
+ |
|
+/* Return true if a comes after b. */ |
|
+static inline krb5_boolean |
|
+ts_after(krb5_timestamp a, krb5_timestamp b) |
|
+{ |
|
+ return (uint32_t)a > (uint32_t)b; |
|
+} |
|
+ |
|
krb5_error_code KRB5_CALLCONV |
|
krb5_get_credentials_for_user(krb5_context context, krb5_flags options, |
|
krb5_ccache ccache, |
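Review bot: ts_delta's comment promises a signed 32-bit delta "without relying on undefined behavior", but it does not say that the result is only meaningful when the two times are less than 2^31 seconds apart. `(krb5_deltat)((uint32_t)a - (uint32_t)b)` wraps for larger gaps, and converting a value above INT32_MAX to the signed type is implementation-defined rather than undefined, so a caller doing a lifetime or clock-skew check gets a wrong-signed delta with no error. ts_after has a related property: it orders values strictly as unsigned times, so a 0 or negative value that a caller uses as a sentinel sorts as 1970 or as a post-2038 time. I would state both in the comments, e.g. `/* Result wraps if the times are 2^31 or more seconds apart. */` on ts_delta and `/* Compares as unsigned 32-bit times; no wraparound or sentinel handling. */` on ts_after.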
|
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin |
|
index cf60d6c41..53ad85384 100644 |
|
--- a/src/include/krb5/krb5.hin |
|
+++ b/src/include/krb5/krb5.hin |
|
@@ -187,7 +187,16 @@ typedef krb5_int32 krb5_cryptotype; |
|
|
|
typedef krb5_int32 krb5_preauthtype; /* This may change, later on */ |
|
typedef krb5_int32 krb5_flags; |
|
+ |
|
+/** |
|
+ * Represents a timestamp in seconds since the POSIX epoch. This legacy type |
|
+ * is used frequently in the ABI, but cannot represent timestamps after 2038 as |
|
+ * a positive number. Code which uses this type should cast values of it to |
|
+ * uint32_t so that negative values are treated as timestamps between 2038 and |
|
+ * 2106 on platforms with 64-bit time_t. |
|
+ */ |
|
typedef krb5_int32 krb5_timestamp; |
|
+ |
|
typedef krb5_int32 krb5_deltat; |
|
|
|
/**
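Review bot: The new doxygen comment on krb5_timestamp tells callers to cast to uint32_t but does not say which operations go wrong without the cast, and krb5_deltat, the typedef right after it, stays undocumented. Third-party code most often compares or subtracts two timestamps for expiry checks, and a plain signed comparison misorders times on either side of 2038. I would add a sentence such as `Compare and subtract timestamps only after the cast; a signed comparison misorders times after 2038.` and a one-line comment on krb5_deltat saying it is a signed 32-bit interval (presumably in seconds, matching krb5_timestamp).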
|
|
|