slight tolerance for requests timestamped in the future

2026-06-06 07:12:54 -04:00 · 2012-07-12 12:38:13 -07:00 · 2012-07-12 12:38:13 -07:00 · f907899358
commit f907899358
parent d54858689a
1 changed files with 5 additions and 2 deletions
--- a/server-ca/chocolate.py
+++ b/server-ca/chocolate.py
@ -211,8 +211,11 @@ class session(object):
        if not all([safe("recipient", recipient), safe("csr", csr)]):
            self.die(r, r.BadRequest, uri="https://ca.example.com/failures/illegalcharacter")
            return
-        if timestamp > time.time() or time.time() - timestamp > 100:
-            self.die(r, r.BadRequest, uri="https://ca.example.com/failures/time")
+        if timestamp - time.time() > 5:
+            self.die(r, r.BadRequest, uri="https://ca.example.com/failures/future")
+            return
+        if time.time() - timestamp > 100:
+            self.die(r, r.BadRequest, uri="https://ca.example.com/failures/past")
            return
        if recipient != "ca.example.com":
            self.die(r, r.BadRequest, uri="https://ca.example.com/failures/recipient")