ssh-keygen -V doesn't respect DST
Darren Tucker
dtucker at dtucker.net
Mon Mar 28 21:15:32 AEDT 2022
On Mon, Mar 28, 2022 at 11:23:35AM +0200, Jan Schermer wrote:
> Hi,
> we just entered DST here in Czech Republic, and my CA started generating certificates with a +1h offset:
[...]
> Any plans to fix this? Apparently I am not the only person who encountered it https://github.com/cloudtools/ssh-ca/blob/master/ssh_ca/utils.py#L72 <https://github.com/cloudtools/ssh-ca/blob/master/ssh_ca/utils.py#L72>
Assuming I'm read the man page right, I think this should fix it.
diff --git a/misc.c b/misc.c
index 85d223695..03e6e5f19 100644
--- a/misc.c
+++ b/misc.c
@@ -2429,6 +2429,7 @@ parse_absolute_time(const char *s, uint64_t *tp)
memset(&tm, 0, sizeof(tm));
if (strptime(buf, fmt, &tm) == NULL)
return SSH_ERR_INVALID_FORMAT;
+ tm.tm_isdst = -1; /* auto detect DST */
if ((tt = mktime(&tm)) < 0)
return SSH_ERR_INVALID_FORMAT;
/* success */
--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list