[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tlsdate/master] Update the README to use the current git tip

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tlsdate/master] Update the README to use the current git tip
From: ioerror@xxxxxxxxxxxxxx
Date: Sat, 20 Apr 2013 03:49:39 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 19 Apr 2013 23:49:57 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Jacob Appelbaum <jacob@xxxxxxxxxxxxx>
Sender: tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx

commit 7a33632a3283a95582b3e385c59b1fb2cc9fd06b
Author: Jacob Appelbaum <jacob@xxxxxxxxxxxxx>
Date:   Fri Apr 19 18:08:49 2013 -0700

    Update the README to use the current git tip
---
 README |   68 +++++++++++++++++----------------------------------------------
 1 files changed, 19 insertions(+), 49 deletions(-)

diff --git a/README b/README
index 8e907d3..1c9e793 100644
--- a/README
+++ b/README
@@ -14,70 +14,40 @@ invoke tlsdate to keep the clock in sync. Start it like so:
 
 Here is an example an unprivileged user fetching the remote time:
 
-  % tlsdate -v -V -n
-  V: tlsdate version 0.0.1
-  V: We were called with the following arguments:
-  V: validate SSL certificates host = www.ptb.de:443
-  V: time is currently 1342197117.577381
-  V: using TLSv1_client_method()
-  V: SSL certificate verification passed
-  V: server time 1342197117 (difference is about 0 s) was fetched in 705 ms
-  Fri Jul 13 18:31:57 CEST 2012
+  % tlsdate -V -n -H encrypted.google.com
+  Fri Apr 19 17:56:46 PDT 2013
 
 
-This is an example run - starting as root and dropping to nobody:
+This is an example run - starting as root and dropping to nobody, setting the
+clock and printing it:
+
+  % sudo tlsdate -V
+  Fri Apr 19 17:57:49 PDT 2013
 
-  % sudo ./tlsdate -v 
-  V: tlsdate version 0.0.1
-  V: We were called with the following arguments:
-  V: validate SSL certificates host = www.ptb.de:443
-  V: time is currently 1342197222.273552
-  V: using TLSv1_client_method()
-  V: SSL certificate verification passed
-  V: server time 1342197222 (difference is about 0 s) was fetched in 520 ms
-  V: setting time succeeded
 
 Here is an example with a custom host and custom port without verification:
 
   % sudo tlsdate -v --skip-verification -p 80 -H rgnx.net
-  V: tlsdate version 0.0.1
+  V: tlsdate version 0.0.6
   V: We were called with the following arguments:
   V: disable SSL certificate check host = rgnx.net:80
   WARNING: Skipping certificate verification!
-  V: time is currently 1342197285.298607
+  V: time is currently 1366419507.456647065
+  V: time is greater than RECENT_COMPILE_DATE
   V: using TLSv1_client_method()
+  V: Using OpenSSL for SSL
+  V: opening socket to rgnx.net:80
   V: Certificate verification skipped!
-  V: server time 1342197286 (difference is about -1 s) was fetched in 765 ms
+  V: public key is ready for inspection
+  V: key type: EVP_PKEY_RSA
+  V: keybits: 1024
+  V: key length appears safe
+  V: server time 1366419508 (difference is about -1 s) was fetched in 338 ms
   V: setting time succeeded
 
-Here is an example of a false ticker that is detected and rejected:
-
-  % sudo tlsdate -v -H facebook.com
-  V: tlsdate version 0.0.1
-  V: We were called with the following arguments:
-  V: validate SSL certificates host = facebook.com:443
-  V: time is currently 1342197379.931852
-  V: using TLSv1_client_method()
-  V: SSL certificate verification passed
-  V: server time 2693501503 (difference is about -1351304124 s) was fetched in 724 ms
-  remote server is a false ticker from the future!
-
 Here is an example where a system may not have any kind of RTC at boot. Do the
 time warp to restore sanity and do so with a leap of faith:
 
-  % sudo tlsdate -v -V -l -t
-  V: tlsdate version 0.0.1
-  V: We were called with the following arguments:
-  V: validate SSL certificates host = www.ptb.de:443
-  V: RECENT_COMPILE_DATE is 1342407042.000000
-  V: time is currently 1342488229.659967
-  V: time is greater than RECENT_COMPILE_DATE
-  V: using TLSv1_client_method()
-  V: freezing time for x509 verification
-  V: remote peer provided: 1342488230, prefered over compile time: 1342407042
-  V: freezing time with X509_VERIFY_PARAM_set_time
-  V: SSL certificate verification passed
-  V: server time 1342488230 (difference is about -1 s) was fetched in 791 ms
-  Mon Jul 16 18:23:50 PDT 2012
-  V: setting time succeeded
+  % sudo tlsdate -V -l -t
+  Fri Apr 19 18:08:03 PDT 2013
 

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tlsdate/master] Add note on hardening
Next by Author: [tor-commits] [tlsdate/master] Update location for tlsdated man page
Previous by thread: [tor-commits] [tlsdate/master] Add note on hardening
Next by thread: [tor-commits] [metrics-lib/master] Support bridge-ip-transports lines in extra-infos.
Index(es):
- Author
- Thread