This repository has been archived by the owner on Feb 22, 2024. It is now read-only.
NetBox/WebDav sometimes rejects valid SSL certificates #34
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
NetBox/WebDav sometimes treats valid certificates as invalid due to what seems to be some rounding error in datetime conversions.
Example of a valid certificate rejected by NetBox: myfiles.fastmail.com
According to https://www.ssllabs.com, at the time of writing the certificate is valid until Thu, 02 Nov 2023 23:59:59.
The issue seems to be related to the fact that the certificate expires one second before the midnight.
I briefly debugged the issue and discovered that DateTimeToTimeStamp returns invalid Result.Time (86400000) when it converts this timestamp. This value is incorrect because it is exactly the number of milliseconds in a day so the valid range of values in this field is 0-86399999. Later on this incorrect value causes error in some other function (forgot to write down which one).
Below are few details.
TWebDAVFileSystem::DoNeonServerSSLCallback gets the certificate valid till 02 Nov 2023 23:59:59.
ValidUntil = 1698998399
It converts it to TDateTime format:
Data.ValidUntil.FValue = 45232.99998842592322
Sysutils::DateTimeToTimeStamp gets called for this value. It calculates fractpart as:
fractpart = 0.99998842592322034761
Later on Result.Time gets calculated as ToInt(fractpart * MSecsPerDay + 0.5):
Result.Time = 86400000
Relevant callstack:
00 0000003c
8eafc370 00007ffd7ccc22d9 NetBox!Sysutils::DateTimeToTimeStamp+0x41 [D:\a\Far-NetBox\Far-NetBox\src\base\Sysutils.cpp @ 499]01 0000003c
8eafc3a0 00007ffd7ccc229f NetBox!Sysutils::DecodeDateFully+0x2d [D:\a\Far-NetBox\Far-NetBox\src\base\Sysutils.cpp @ 1269]02 0000003c
8eafc3f0 00007ffd7ccdf542 NetBox!Sysutils::DecodeDate+0x13 [D:\a\Far-NetBox\Far-NetBox\src\base\Sysutils.cpp @ 1328]03 0000003c
8eafc440 00007ffd7cd32354 NetBox!Sysutils::FormatDateTime+0x4a [D:\a\Far-NetBox\Far-NetBox\src\base\Sysutils.cpp @ 1452]04 0000003c
8eafc530 00007ffd7cccf4e3 NetBox!TWebDAVFileSystem::VerifyCertificate+0x2cc [D:\a\Far-NetBox\Far-NetBox\src\core\WebDAVFileSystem.cpp @ 2536]05 0000003c
8eafc6e0 00007ffd7ceaecd3 NetBox!TWebDAVFileSystem::DoNeonServerSSLCallback+0x1fb [D:\a\Far-NetBox\Far-NetBox\src\core\WebDAVFileSystem.cpp @ 2651]The text was updated successfully, but these errors were encountered: