Closed hidrarga closed 1 month ago
Hm after a test on a lime2 board, I found that when the certificate expires after 2038, we get from date
command "invalid date", because we hit the 2038 year bug… and I have no idea yet how to avoid that in bash.
It was supposed to be a simple check, to have an error message for the user, but now it gets more and more complex, so I'm thinking about removing this check…
I'm removing the check, because it's too complex to test on a 32bit system…
Problem
When there are multiple files in the same ca-server.crt (for instance, when there is both the new server certificate and the old one at the same time), we only check the expiration date of the first certificate in the file. Thus, if this certificate is the previous one and is expired, the VPN client can't start.
This is happening with Neutrinet VPN for instance...
Solution
Either we remove that check, because it's probably redundant with OpenVPN client, or we fix this behaviour to handle multiple certs. This is what I did in this PR:
PR Status
Automatic tests
Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ after creating the PR, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)