Closed kanavin closed 2 weeks ago
Thanks. I see that the function was added in OpenSSL 3.3, released April 10. (It's not in Arch You'll probably know: is there a distro/container with OpenSSL 3.3, test this?)
It returns time_t
. Could you use _PyLong_FromTime_t
rather than PyLong_FromLongLong
? (This function is currently not public, but that's another issue.)
I see that Arch Linux now has OpenSSL 3.3, so I should be able to test this in an Arch VM. Before I do that, please run your tests with _PyLong_FromTime_t
.
Thanks. I see that the function was added in OpenSSL 3.3, released April 10. (It's not in Arch You'll probably know: is there a distro/container with OpenSSL 3.3, test this?)
It returns
time_t
. Could you use_PyLong_FromTime_t
rather thanPyLong_FromLongLong
? (This function is currently not public, but that's another issue.)I see that Arch Linux now has OpenSSL 3.3, so I should be able to test this in an Arch VM. Before I do that, please run your tests with
_PyLong_FromTime_t
.
I've done that with both original and fixed (as you requested) version. The tests are run on a 32 bit system running in qemu with time set to 2050, certificates regenerated to not be expired (discussed elsewhere :), and openssl 3.3.0.
test_ssl fails without the patch and succeeds with it.
Thread-sanitizer fail doesn't seem to be related? Hard for me to tell for sure.
Yes, doesn't seem related.
Please don't force-push to CPython PRs; the brand new commits need to be reviewed all over again. In a bigger PR it would be an issue :) You don't need to worry about the branch being up to date.
Turns out I can't easily get a 32-bit system with system clock set past 2038 :) But on a 64-bit one, this passes, and I can't see anything wrong with the PR. So I'll merge.
If the system is using 32 bit time_t (which is the default in glibc), it will immediately collapse altogether. You need either a non-glibc alternative (e.g. musl), or everything needs to be rebuilt with -D_TIME_BITS=64, which as far as I know only the most recent release of Yocto does. Debian has plans, but I have no idea how far they are implemented.