From: Joel Sing <jsing@google.com>
Date: Thu, 22 Oct 2015 15:57:01 +0000 (+1100)
Subject: net/http/httptest: fix comment regarding certificate expiry
X-Git-Tag: go1.6beta1~743
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=46630ecd655bf6f88a8edad751ce5c5243b022f8;p=gostls13.git

net/http/httptest: fix comment regarding certificate expiry

In earlier versions of Go, times were only encoded as an ASN.1 UTCTIME and
crypto/tls/generate_cert.go limited times to the maximum UTCTIME value.
Revision 050b60a3 added support for ASN.1 GENERALIZEDTIME, allowing larger
time values to be represented (per RFC 5280).

As a result, when the httptest certificate was regenerated in revision
9b2d84ef, the Not After date changed to Jan 29 16:00:00 2084 GMT. Update
the comment to reflect this.

Change-Id: I1bd66e011f2749f9372b5c7506f52ea34e264ce9
Reviewed-on: https://go-review.googlesource.com/16193
Reviewed-by: Adam Langley <agl@golang.org>
---

diff --git a/src/net/http/httptest/server.go b/src/net/http/httptest/server.go
index e4f680fe92..b5f1149259 100644
--- a/src/net/http/httptest/server.go
+++ b/src/net/http/httptest/server.go
@@ -273,8 +273,7 @@ func (s *Server) forgetConn(c net.Conn) {
 }
 
 // localhostCert is a PEM-encoded TLS cert with SAN IPs
-// "127.0.0.1" and "[::1]", expiring at the last second of 2049 (the end
-// of ASN.1 time).
+// "127.0.0.1" and "[::1]", expiring at Jan 29 16:00:00 2084 GMT.
 // generated from src/crypto/tls:
 // go run generate_cert.go  --rsa-bits 1024 --host 127.0.0.1,::1,example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h
 var localhostCert = []byte(`-----BEGIN CERTIFICATE-----