// ParseTimeString parses a string into a Unix timestamp. The string may represent an
// absolute time, duration relative to the current time, or a millisecond resolution
// timestamp. All times are converted to UTC.
func ParseTimeString(s string) (int64, error) {
var (
t time.Time
d time.Duration
err error
)
// Duration
d, err = time.ParseDuration(s)
if err == nil {
return time.Now().UTC().Add(d).Unix(), nil
}
// Parse time.
for _, layout := range timeLayouts {
t, err = time.Parse(layout, s)
if err == nil {
return t.UTC().Unix(), nil
}
}
// Timestamp; assume this is UTC time.
i, err := strconv.ParseInt(s, 10, 64)
if err == nil {
return i, nil
}
return 0, fmt.Errorf("[time] could not parse %s", s)
}
func GetUB() *Account {
uc := &UnitsCounter{
Direction: OUTBOUND,
BalanceType: utils.SMS,
Balances: BalanceChain{&Balance{Value: 1}, &Balance{Weight: 20, DestinationIds: "NAT"}, &Balance{Weight: 10, DestinationIds: "RET"}},
}
at := &ActionTrigger{
Id: "some_uuid",
BalanceType: utils.MONETARY,
BalanceDirection: OUTBOUND,
ThresholdValue: 100.0,
BalanceDestinationIds: "NAT",
Weight: 10.0,
ActionsId: "Commando",
}
var zeroTime time.Time
zeroTime = zeroTime.UTC() // for deep equal to find location
ub := &Account{
Id: "rif",
AllowNegative: true,
BalanceMap: map[string]BalanceChain{utils.SMS + OUTBOUND: BalanceChain{&Balance{Value: 14, ExpirationDate: zeroTime}}, utils.DATA + OUTBOUND: BalanceChain{&Balance{Value: 1024, ExpirationDate: zeroTime}}, utils.VOICE: BalanceChain{&Balance{Weight: 20, DestinationIds: "NAT"}, &Balance{Weight: 10, DestinationIds: "RET"}}},
UnitCounters: []*UnitsCounter{uc, uc},
ActionTriggers: ActionTriggers{at, at, at},
}
return ub
}
func toUTCString(t time.Time) string {
utc := t.UTC().Round(time.Second)
// Ugly but straight forward formatting as time.Parse is such a prima donna
return fmt.Sprintf("%d-%02d-%02dT%02d:%02d:%02d.000Z",
utc.Year(), utc.Month(), utc.Day(),
utc.Hour(), utc.Minute(), utc.Second())
}
func (s *Stats) calculateWaitTime(d *Download) time.Duration {
var zeroTime time.Time
if d.TimeStarted.UTC() == zeroTime.UTC() {
return s.Clock.Now().Sub(d.TimeRequested)
}
return d.TimeStarted.Sub(d.TimeRequested)
}
func normalizeModTime(modTime time.Time) time.Time {
// Google Drive supports millisecond resolution for modification time,
// but some filesystems (e.g., NTFS) support nanosecond resolution.
// We truncate the modification date to the nearest millisecond to avoid
// spurious differences when comparing file modification dates.
return modTime.UTC().Truncate(time.Millisecond)
}
func (d *dataAccess) GetIncidentsStartingInRange(start, end time.Time) ([]*models.Incident, error) {
defer collect.StartTimer("redis", opentsdb.TagSet{"op": "GetIncidentsStartingInRange"})()
conn := d.GetConnection()
defer conn.Close()
ids, err := redis.Ints(conn.Do("ZRANGEBYSCORE", "incidentsByStart", start.UTC().Unix(), end.UTC().Unix()))
if err != nil {
return nil, err
}
args := make([]interface{}, len(ids)+1)
args[0] = "incidents"
for i := range ids {
args[i+1] = ids[i]
}
jsons, err := redis.Strings(conn.Do("HMGET", args...))
if err != nil {
return nil, err
}
incidents := make([]*models.Incident, len(jsons))
for i := range jsons {
inc := &models.Incident{}
if err = json.Unmarshal([]byte(jsons[i]), inc); err != nil {
return nil, err
}
incidents[i] = inc
}
return incidents, nil
}
func download(url, outpath string, pivot time.Time) error {
req, err := http.NewRequest("GET", url, nil)
if err != nil {
return err
}
if !pivot.IsZero() {
t := pivot.UTC().Format(http.TimeFormat)
req.Header.Set("If-Modified-Since", t)
}
resp, err := http.DefaultClient.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
switch resp.StatusCode {
case http.StatusOK:
f, err := os.Create(outpath)
if err != nil {
return err
}
defer f.Close()
if _, err := io.Copy(f, resp.Body); err != nil {
return err
}
case http.StatusNotModified:
return errorNotModified
default:
return fmt.Errorf("unexpected response: %s", resp.Status)
}
return nil
}
// Convert a time.Time to a JSON timestamp
func JSONStamp(t time.Time) string {
if !t.IsZero() {
return t.UTC().Format(JSONLayout)
}
return ""
}
// GetCallsInRange gets an Iterator containing calls in the range [start, end),
// optionally further filtered by data. GetCallsInRange panics if start is not
// before end. Any date filters provided in data will be ignored. If you have
// an end, but don't want to specify a start, use twilio.Epoch for start. If
// you have a start, but don't want to specify an end, use twilio.HeatDeath for
// end.
//
// Assumes that Twilio returns resources in chronological order, latest
// first. If this assumption is incorrect, your results will not be correct.
//
// Returned CallPages will have at most PageSize results, but may have fewer,
// based on filtering.
func (c *CallService) GetCallsInRange(start time.Time, end time.Time, data url.Values) CallPageIterator {
if start.After(end) {
panic("start date is after end date")
}
d := url.Values{}
if data != nil {
for k, v := range data {
d[k] = v
}
}
d.Del("StartTime")
d.Del("Page") // just in case
if start != Epoch {
startFormat := start.UTC().Format(APISearchLayout)
d.Set("StartTime>", startFormat)
}
if end != HeatDeath {
// If you specify "StartTime<=YYYY-MM-DD", the *latest* result returned
// will be midnight (the earliest possible second) on DD. We want all
// of the results for DD so we need to specify DD+1 in the API.
//
// TODO validate midnight-instant math more closely, since I don't think
// Twilio returns the correct results for that instant.
endFormat := end.UTC().Add(24 * time.Hour).Format(APISearchLayout)
d.Set("StartTime<", endFormat)
}
iter := NewPageIterator(c.client, d, callsPathPart)
return &callDateIterator{
start: start,
end: end,
p: iter,
}
}
func (cursor *Cursor) interpretBytesAsTime(data []byte) time.Time {
integer := cursor.interpretBytesAsInteger(data)
var date_time time.Time
if cursor.mode == IntegerMode {
if cursor.epoch_unit == SecondsSinceEpoch {
date_time = cursor.epoch_time.Add(time.Duration(integer) * time.Second)
} else if cursor.epoch_unit == DaysSinceEpoch {
date_time = cursor.epoch_time.Add(time.Duration(integer) * 24 * time.Hour)
}
} else if cursor.mode == FloatingPointMode {
var float float64
if cursor.fp_length == 4 {
float = float64(math.Float32frombits(uint32(integer)))
} else {
float = math.Float64frombits(integer)
}
if cursor.epoch_unit == SecondsSinceEpoch {
date_time = cursor.epoch_time.Add(time.Duration(float * float64(time.Second)))
} else {
date_time = cursor.epoch_time.Add(time.Duration(float * 24 * float64(time.Hour)))
}
} else {
date_time = cursor.epoch_time
}
return date_time.UTC()
}
func (d *dataAccess) ClearNotificationsBefore(t time.Time) error {
conn := d.Get()
defer conn.Close()
_, err := conn.Do("ZREMRANGEBYSCORE", pendingNotificationsKey, 0, t.UTC().Unix())
return slog.Wrap(err)
}
// Emit a set of stats data points.
func (s *StatsNode) emit(now time.Time) error {
s.timer.Start()
point := models.Point{
Name: "stats",
Tags: map[string]string{"node": s.en.Name()},
Time: now.UTC(),
}
if s.s.AlignFlag {
point.Time = point.Time.Round(s.s.Interval)
}
stats := s.en.nodeStatsByGroup()
for group, stat := range stats {
point.Fields = stat.Fields
point.Group = group
point.Dimensions = stat.Dimensions
point.Tags = stat.Tags
s.timer.Pause()
for _, out := range s.outs {
err := out.CollectPoint(point)
if err != nil {
return err
}
}
s.timer.Resume()
}
s.timer.Stop()
return nil
}
func (m *MessageReply) UnreadCount(messageId int64, addedAt time.Time, showExempt bool) (int, error) {
if messageId == 0 {
return 0, ErrMessageIdIsNotSet
}
if addedAt.IsZero() {
return 0, ErrAddedAtIsNotSet
}
query := "message_id = ? and created_at > ?"
if !showExempt {
query += " and meta_bits = ?"
} else {
query += " and meta_bits >= ?"
}
var metaBits MetaBits
return bongo.B.Count(
m,
query,
messageId,
addedAt.UTC().Format(time.RFC3339Nano),
metaBits,
)
}
func NewPrivateKeySet(keys []*PrivateKey, exp time.Time) *PrivateKeySet {
return &PrivateKeySet{
keys: keys,
ActiveKeyID: keys[0].ID(),
expiresAt: exp.UTC(),
}
}
// NewCA generates a CA certificate/key pair suitable for signing server
// keys for an environment with the given name.
func NewCA(envName string, expiry time.Time) (certPEM, keyPEM string, err error) {
key, err := rsa.GenerateKey(rand.Reader, KeyBits)
if err != nil {
return "", "", err
}
now := time.Now()
template := &x509.Certificate{
SerialNumber: new(big.Int),
Subject: pkix.Name{
CommonName: fmt.Sprintf("juju-generated CA for environment %q", envName),
Organization: []string{"juju"},
},
NotBefore: now.UTC().AddDate(0, 0, -7),
NotAfter: expiry.UTC(),
SubjectKeyId: bigIntHash(key.N),
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
IsCA: true,
MaxPathLen: 0, // Disallow delegation for now.
BasicConstraintsValid: true,
}
certDER, err := x509.CreateCertificate(rand.Reader, template, template, &key.PublicKey, key)
if err != nil {
return "", "", fmt.Errorf("cannot create certificate: %v", err)
}
certPEMData := pem.EncodeToMemory(&pem.Block{
Type: "CERTIFICATE",
Bytes: certDER,
})
keyPEMData := pem.EncodeToMemory(&pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(key),
})
return string(certPEMData), string(keyPEMData), nil
}
// formatTs formats t with an optional offset into a format lib/pq understands,
// appending to the provided tmp buffer and reallocating if needed. The function
// will then return the resulting buffer. formatTs is mostly cribbed from
// github.com/lib/pq.
func formatTs(t time.Time, offset *time.Location, tmp []byte) (b []byte) {
// Need to send dates before 0001 A.D. with " BC" suffix, instead of the
// minus sign preferred by Go.
// Beware, "0000" in ISO is "1 BC", "-0001" is "2 BC" and so on
if offset != nil {
t = t.In(offset)
} else {
t = t.UTC()
}
bc := false
if t.Year() <= 0 {
// flip year sign, and add 1, e.g: "0" will be "1", and "-10" will be "11"
t = t.AddDate((-t.Year())*2+1, 0, 0)
bc = true
}
if offset != nil {
b = t.AppendFormat(tmp, pgTimeStampFormat)
} else {
b = t.AppendFormat(tmp, pgTimeStampFormatNoOffset)
}
if bc {
b = append(b, " BC"...)
}
return b
}
func moveOldInboxItems(t time.Time) error {
t = t.UTC()
args := map[string]interface{}{
"start_key": []interface{}{"inbox"},
"end_key": []interface{}{"inbox", t.Add(-time.Duration(time.Hour))},
}
viewRes := struct {
Rows []struct {
ID string
}
}{}
err := db.ViewCustom("cbugg", "aging", args, &viewRes)
if err != nil {
return err
}
for _, row := range viewRes.Rows {
log.Printf("Moving %v from inbox to new", row.ID)
_, err = updateBug(row.ID, "status", "new",
User{Id: *mailFrom, Internal: true, Admin: true})
if err != nil {
return err
}
}
return nil
}
func Make_FName(realm string, ts time.Time, zipped bool) string {
n := fmt.Sprintf("%s-%s.json", Safe_Realm(realm), TSStr(ts.UTC()))
if zipped {
n = n + ".gz"
}
return n
}
func GetUB() *Account {
uc := &UnitCounter{
Counters: CounterFilters{&CounterFilter{Value: 1}, &CounterFilter{Filter: &BalanceFilter{Weight: utils.Float64Pointer(20), DestinationIDs: utils.StringMapPointer(utils.NewStringMap("NAT"))}}, &CounterFilter{Filter: &BalanceFilter{Weight: utils.Float64Pointer(10), DestinationIDs: utils.StringMapPointer(utils.NewStringMap("RET"))}}},
}
at := &ActionTrigger{
ID: "some_uuid",
ThresholdValue: 100.0,
Balance: &BalanceFilter{
Type: utils.StringPointer(utils.MONETARY),
Directions: utils.StringMapPointer(utils.NewStringMap(utils.OUT)),
DestinationIDs: utils.StringMapPointer(utils.NewStringMap("NAT")),
},
Weight: 10.0,
ActionsID: "Commando",
}
var zeroTime time.Time
zeroTime = zeroTime.UTC() // for deep equal to find location
ub := &Account{
ID: "rif",
AllowNegative: true,
BalanceMap: map[string]Balances{utils.SMS: Balances{&Balance{Value: 14, ExpirationDate: zeroTime}}, utils.DATA: Balances{&Balance{Value: 1024, ExpirationDate: zeroTime}}, utils.VOICE: Balances{&Balance{Weight: 20, DestinationIDs: utils.NewStringMap("NAT")}, &Balance{Weight: 10, DestinationIDs: utils.NewStringMap("RET")}}},
UnitCounters: UnitCounters{utils.SMS: []*UnitCounter{uc, uc}},
ActionTriggers: ActionTriggers{at, at, at},
}
return ub
}
// DefaultExpires gets the default expiry time for the given role
func DefaultExpires(role string) time.Time {
if d, ok := defaultExpiryTimes[role]; ok {
return time.Now().Add(d)
}
var t time.Time
return t.UTC().Round(time.Second)
}
// Format a given time for use with HTTP protocol.
func httpDate(t time.Time) string {
f := t.UTC().Format(time.RFC1123)
if strings.HasSuffix(f, "UTC") {
f = f[0:len(f)-3] + "GMT"
}
return f
}
func downloadAsFile(inURL, outPath string, pivot time.Time, pf progressFunc) error {
req, err := http.NewRequest("GET", inURL, nil)
if err != nil {
return err
}
if !pivot.IsZero() {
t := pivot.UTC().Format(http.TimeFormat)
req.Header.Set("If-Modified-Since", t)
}
logInfo("download URL %s as file %s", inURL, outPath)
msgPrintf("download %s\n", inURL)
client := http.Client{Timeout: downloadTimeout}
resp, err := client.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
switch resp.StatusCode {
case http.StatusOK:
return saveBody(outPath, resp, pf)
case http.StatusNotModified:
return errSourceNotModified
default:
return fmt.Errorf("unexpected response: %s", resp.Status)
}
}
// DefaultExpires gets the default expiry time for the given role
func DefaultExpires(role string) time.Time {
var t time.Time
if t, ok := defaultExpiryTimes[role]; ok {
return time.Now().AddDate(0, 0, t)
}
return t.UTC().Round(time.Second)
}
// UpdateOCSP updates a ocsp response record with a given serial number.
func (d *Accessor) UpdateOCSP(serial, aki, body string, expiry time.Time) error {
err := d.checkDB()
if err != nil {
return err
}
result, err := d.db.NamedExec(updateOCSPSQL, &certdb.OCSPRecord{
AKI: aki,
Body: body,
Expiry: expiry.UTC(),
Serial: serial,
})
if err != nil {
return wrapSQLError(err)
}
numRowsAffected, err := result.RowsAffected()
if numRowsAffected == 0 {
return cferr.Wrap(cferr.CertStoreError, cferr.RecordNotFound, fmt.Errorf("failed to update the OCSP record"))
}
if numRowsAffected != 1 {
return wrapSQLError(fmt.Errorf("%d rows are affected, should be 1 row", numRowsAffected))
}
return err
}
func TestDateTimeLocal(t *testing.T) {
zone := "Asia/Tokyo"
tempFilename := TempFilename()
db, err := sql.Open("sqlite3", tempFilename+"?_loc="+zone)
if err != nil {
t.Fatal("Failed to open database:", err)
}
db.Exec("CREATE TABLE foo (dt datetime);")
db.Exec("INSERT INTO foo VALUES('2015-03-05 15:16:17');")
row := db.QueryRow("select * from foo")
var d time.Time
err = row.Scan(&d)
if err != nil {
t.Fatal("Failed to scan datetime:", err)
}
if d.Hour() == 15 || !strings.Contains(d.String(), "JST") {
t.Fatal("Result should have timezone", d)
}
db.Close()
db, err = sql.Open("sqlite3", tempFilename)
if err != nil {
t.Fatal("Failed to open database:", err)
}
row = db.QueryRow("select * from foo")
err = row.Scan(&d)
if err != nil {
t.Fatal("Failed to scan datetime:", err)
}
if d.UTC().Hour() != 15 || !strings.Contains(d.String(), "UTC") {
t.Fatalf("Result should not have timezone %v %v", zone, d.String())
}
_, err = db.Exec("DELETE FROM foo")
if err != nil {
t.Fatal("Failed to delete table:", err)
}
dt, err := time.Parse("2006/1/2 15/4/5 -0700 MST", "2015/3/5 15/16/17 +0900 JST")
if err != nil {
t.Fatal("Failed to parse datetime:", err)
}
db.Exec("INSERT INTO foo VALUES(?);", dt)
db.Close()
db, err = sql.Open("sqlite3", tempFilename+"?_loc="+zone)
if err != nil {
t.Fatal("Failed to open database:", err)
}
row = db.QueryRow("select * from foo")
err = row.Scan(&d)
if err != nil {
t.Fatal("Failed to scan datetime:", err)
}
if d.Hour() != 15 || !strings.Contains(d.String(), "JST") {
t.Fatalf("Result should have timezone %v %v", zone, d.String())
}
}
// UpsertOCSP update a ocsp response record with a given serial number,
// or insert the record if it doesn't yet exist in the db
// Implementation note:
// We didn't implement 'upsert' with SQL statement and we lost race condition
// prevention provided by underlying DBMS.
// Reasoning:
// 1. it's diffcult to support multiple DBMS backends in the same time, the
// SQL syntax differs from one to another.
// 2. we don't need a strict simultaneous consistency between OCSP and certificate
// status. It's OK that a OCSP response still shows 'good' while the
// corresponding certificate is being revoked seconds ago, as long as the OCSP
// response catches up to be eventually consistent (within hours to days).
// Write race condition between OCSP writers on OCSP table is not a problem,
// since we don't have write race condition on Certificate table and OCSP
// writers should periodically use Certificate table to update OCSP table
// to catch up.
func (d *Accessor) UpsertOCSP(serial, aki, body string, expiry time.Time) error {
err := d.checkDB()
if err != nil {
return err
}
result, err := d.db.NamedExec(updateOCSPSQL, &certdb.OCSPRecord{
AKI: aki,
Body: body,
Expiry: expiry.UTC(),
Serial: serial,
})
if err != nil {
return wrapSQLError(err)
}
numRowsAffected, err := result.RowsAffected()
if numRowsAffected == 0 {
return d.InsertOCSP(certdb.OCSPRecord{Serial: serial, AKI: aki, Body: body, Expiry: expiry})
}
if numRowsAffected != 1 {
return wrapSQLError(fmt.Errorf("%d rows are affected, should be 1 row", numRowsAffected))
}
return err
}
func printTime(t *time.Time) {
year, mon, day := t.UTC().Date()
hour, min, sec := t.UTC().Clock()
zone, _ := t.UTC().Zone()
fmt.Printf("UTC time is %d-%d-%d %02d:%02d:%02d %s\n",
year, mon, day, hour, min, sec, zone)
}
// newLeaf generates a certificate/key pair suitable for use by a leaf node.
func newLeaf(caCertPEM, caKeyPEM string, expiry time.Time, hostnames []string, extKeyUsage []x509.ExtKeyUsage) (certPEM, keyPEM string, err error) {
tlsCert, err := tls.X509KeyPair([]byte(caCertPEM), []byte(caKeyPEM))
if err != nil {
return "", "", err
}
if len(tlsCert.Certificate) != 1 {
return "", "", fmt.Errorf("more than one certificate for CA")
}
caCert, err := x509.ParseCertificate(tlsCert.Certificate[0])
if err != nil {
return "", "", err
}
if !caCert.BasicConstraintsValid || !caCert.IsCA {
return "", "", fmt.Errorf("CA certificate is not a valid CA")
}
caKey, ok := tlsCert.PrivateKey.(*rsa.PrivateKey)
if !ok {
return "", "", fmt.Errorf("CA private key has unexpected type %T", tlsCert.PrivateKey)
}
key, err := rsa.GenerateKey(rand.Reader, KeyBits)
if err != nil {
return "", "", fmt.Errorf("cannot generate key: %v", err)
}
now := time.Now()
template := &x509.Certificate{
SerialNumber: new(big.Int),
Subject: pkix.Name{
// This won't match host names with dots. The hostname
// is hardcoded when connecting to avoid the issue.
CommonName: "*",
Organization: []string{"juju"},
},
NotBefore: now.UTC().AddDate(0, 0, -7),
NotAfter: expiry.UTC(),
SubjectKeyId: bigIntHash(key.N),
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageKeyAgreement,
ExtKeyUsage: extKeyUsage,
}
for _, hostname := range hostnames {
if ip := net.ParseIP(hostname); ip != nil {
template.IPAddresses = append(template.IPAddresses, ip)
} else {
template.DNSNames = append(template.DNSNames, hostname)
}
}
certDER, err := x509.CreateCertificate(rand.Reader, template, caCert, &key.PublicKey, caKey)
if err != nil {
return "", "", err
}
certPEMData := pem.EncodeToMemory(&pem.Block{
Type: "CERTIFICATE",
Bytes: certDER,
})
keyPEMData := pem.EncodeToMemory(&pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(key),
})
return string(certPEMData), string(keyPEMData), nil
}
// GetBlobSASURI creates an URL to the specified blob which contains the Shared
// Access Signature with specified permissions and expiration time.
//
// See https://msdn.microsoft.com/en-us/library/azure/ee395415.aspx
func (b BlobStorageClient) GetBlobSASURI(container, name string, expiry time.Time, permissions string) (string, error) {
var (
signedPermissions = permissions
blobURL = b.GetBlobURL(container, name)
)
canonicalizedResource, err := b.client.buildCanonicalizedResource(blobURL)
if err != nil {
return "", err
}
signedExpiry := expiry.UTC().Format(time.RFC3339)
signedResource := "b"
stringToSign, err := blobSASStringToSign(b.client.apiVersion, canonicalizedResource, signedExpiry, signedPermissions)
if err != nil {
return "", err
}
sig := b.client.computeHmac256(stringToSign)
sasParams := url.Values{
"sv": {b.client.apiVersion},
"se": {signedExpiry},
"sr": {signedResource},
"sp": {signedPermissions},
"sig": {sig},
}
sasURL, err := url.Parse(blobURL)
if err != nil {
return "", err
}
sasURL.RawQuery = sasParams.Encode()
return sasURL.String(), nil
}
func main() {
flag.Parse()
var t time.Time
switch flag.NArg() {
case 0:
t = time.Now()
case 1:
i, err := strconv.ParseInt(flag.Arg(0), 10, 64)
if err != nil {
fmt.Fprintln(os.Stderr, "date:", err.Error())
os.Exit(1)
}
t = time.Unix(i, 0)
default:
usage()
}
switch {
case *nflag:
fmt.Println(t.Unix())
case *uflag:
fmt.Println(t.UTC())
default:
fmt.Println(t)
}
}