New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for datetime format ISO 8601 #14384
Conversation
@openssl/otc Should this be a configurable option? |
Possibly, I worry that it might break users... |
Changing the default format would likely be disruptive. Offering a way to request a non-default format seems more reasonable. |
We do have a nameopt, should we have a dateopt? |
I was thinking at config time |
I was only pointing out that we do have a mechanism for selecting output formats, and that we could do the same again for dates (which would also be consistent). Nameopts aren't configurable, btw, but there's nothing stopping us, and the same could go for dateopts. Making configuration the only viable choice to ask for a different format, though? |
Just out of curiosity, do you know of down stream examples that would be broken by this? I don't want to disrupt existing use cases, but my understanding was this date output was primarily for humans to read. I would prefer setting ISO 8601 as the default format because I myself was at one point confused by misreading the existing datetime format, and thought switching might be clearer to a human reader (although that is somewhat subjective). I certainly don't want to break existing code written around this format, but hopefully I've made my case for altering the default. I'll defer to your judgement in weighing the costs and benefits of changing the default. |
Out of historical interest, I believe that the current date output is inspired by RFC 822. That date format there was quite popular back in the days (still is, just look at the default git log output), and was considered very humanly readable.
It seems like you got a few brains going 😉 |
I think output is much less of a problem than input, which has several issues (mostly copied over from the old RT system). As for "who might break," the project has generally said it has no idea how it is used. Just the other day there was an issue about certificate output in tests for example. Is there a real problem this is solving beyond closing an issue that has lain fallow for three years? Please note that I am completely in favor of the ISO format. But please not for this release. |
And in a separate comment: I have scripts that will break if the format is changed. They are used to help prune our trust stores. |
Yup, ramifications... |
Mostly my belief that ISO 8601 is the superior format, and some minor frustration as a new user around the existing format. That being said, I understand the value of preserving existing behavior.
It sounds like the consensus I'm hearing is to allow for ISO as a non-default, configurable option, which I'm happy to implement. That would still leave open the option to migrate formats in the future (which would be my personal preference). |
This PR is in a state where it requires action by @openssl/otc but the last update was 30 days ago |
Yes, that would be welcome |
This PR is in a state where it requires action by @openssl/otc but the last update was 30 days ago |
This is actually waiting on making the ISO format an optional thing. |
Just to reiterate - ISO format will NOT be the default option (maybe in the future that might change), so the changes entry would need to indicate the new optional behavior. |
We're on the same page, trying to implement the optional configuration now.
Sorry, I haven't had much time to work on this recently but will try to add
that this week.
…On Mon, May 3, 2021, 8:34 PM Shane ***@***.***> wrote:
Just to reiterate - ISO format will NOT be the default option (maybe in
the future that might change), so the changes entry would need to indicate
the new optional behavior.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#14384 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABC2RUG5I2JNDABPJZGWZ6LTL46H3ANCNFSM4YNT4FDQ>
.
|
OTC: Hold lifted assuming that the default behaviour is not changed. |
bdf32e9
to
36d0b2a
Compare
I believe this was actually a missing underscore in |
And you'll rename the env var to match the other openssl ones? And document it as mentioned above? |
Ah, I see what I did wrong. I think this should be an |
57113df
to
494c4ca
Compare
Changed |
Fixes openssl#5430 Added the configuration file option "date_opt" to the openssl applications ca, crl and x509. Added ASN1_TIME_print_ex which supports the new datetime format using the flag ASN1_DTFLGS_ISO8601
494c4ca
to
6d05966
Compare
Unless you need to rebase, when you are addressing review comments you dont need to force push if you use
Then any reviewer can see what you have changed without having to re-review all files. |
ping |
@@ -99,7 +99,7 @@ static int certify(X509 **xret, const char *infile, int informat, | |||
const char *enddate, | |||
long days, int batch, const char *ext_sect, CONF *conf, | |||
int verbose, unsigned long certopt, unsigned long nameopt, | |||
int default_op, int ext_copy, int selfsign); | |||
int default_op, int ext_copy, int selfsign, unsigned long dateopt); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we not add to the "unsigned long" tech debt? See #15231 Or maybe the project doesn't care.
This pull request is ready to merge |
Fixes #5430 Added the configuration file option "date_opt" to the openssl applications ca, crl and x509. Added ASN1_TIME_print_ex which supports the new datetime format using the flag ASN1_DTFLGS_ISO8601 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #14384)
Merged to master. Thank you for the contribution! |
Fixes openssl#5430 Added the configuration file option "date_opt" to the openssl applications ca, crl and x509. Added ASN1_TIME_print_ex which supports the new datetime format using the flag ASN1_DTFLGS_ISO8601 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#14384)
Use datetime format ISO 8601 instead of ASN.1. Closes #5430
I expect at least one reviewer comment will address refactoring, since many of the code structures specifically reference ASN.1 I did not know what level to refactor these, so I left them as-is, but can return to refactor them if desired. Specific input would be greatly appreciated. Thanks!
Checklist