JD,
* Joshua D. Drake (jd@commandprompt.com) wrote:
> In my quest to understand how all the logging etc works with
> authentication I came across the area of crypt.c that checks for
> valid_until but it seems like it has an extraneous check.
>
> If I am wrong I apologize for the noise but wouldn't mind an explanation.
Alright, there probably aren't too many people out there running with
their clock set to pre-2000, but wouldn't this end up giving the wrong
result in those cases, as GetCurrentTimestamp() would end up returning a
negative value, which would make it less than vuntil's default of zero?
Perhaps we could change what vuntil is set to by default, but I think
it's probably better to keep things as-is; we should really be checking
for null cases explicitly in general.
Thanks,
Stephen