On Wed, 25 Jul 2018, Hagemann Laurin wrote:

> I'm developing some embedded stuff and system time is always reset on
> reboot, so time() will return 0 + seconds since boot. (changing the system
> time on runtime is not an option) If I'm not mistaken, this is a problem not
> only for cookie expiry but also to detect expired certificates.
>
> My plan is to replace all time() calls by a data->set.curl_time function
> pointer, which defaults to time(), but can be overriden by the user. Would
> such an approach be accepted into the upstream?

This won't work for everything in libcurl since we use Curl_now() for quite a
lot of time internally (and should probably over time remove time() calls
completely).

Secondly, it won't be used by the TLS libraries so things like certificate
verficatons will likely fail anyway.

A *much* better system that is actually likely to somewhat work globally would
be if you have a hardcoded "reasonable" date (like the date of your most
recent build) that you set your system to at boot and then everything in the
system will work as if that date is real... (it could be based on the same
time you imagine you'd use as a basis for the time() callback you suggest)

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html