From 46630ecd655bf6f88a8edad751ce5c5243b022f8 Mon Sep 17 00:00:00 2001
From: Joel Sing <jsing@google.com>
Date: Fri, 23 Oct 2015 02:57:01 +1100
Subject: [PATCH] net/http/httptest: fix comment regarding certificate expiry

In earlier versions of Go, times were only encoded as an ASN.1 UTCTIME and
crypto/tls/generate_cert.go limited times to the maximum UTCTIME value.
Revision 050b60a3 added support for ASN.1 GENERALIZEDTIME, allowing larger
time values to be represented (per RFC 5280).

As a result, when the httptest certificate was regenerated in revision
9b2d84ef, the Not After date changed to Jan 29 16:00:00 2084 GMT. Update
the comment to reflect this.

Change-Id: I1bd66e011f2749f9372b5c7506f52ea34e264ce9
Reviewed-on: https://go-review.googlesource.com/16193
Reviewed-by: Adam Langley <agl@golang.org>
---
 src/net/http/httptest/server.go | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/net/http/httptest/server.go b/src/net/http/httptest/server.go
index e4f680fe92..b5f1149259 100644
--- a/src/net/http/httptest/server.go
+++ b/src/net/http/httptest/server.go
@@ -273,8 +273,7 @@ func (s *Server) forgetConn(c net.Conn) {
 }
 
 // localhostCert is a PEM-encoded TLS cert with SAN IPs
-// "127.0.0.1" and "[::1]", expiring at the last second of 2049 (the end
-// of ASN.1 time).
+// "127.0.0.1" and "[::1]", expiring at Jan 29 16:00:00 2084 GMT.
 // generated from src/crypto/tls:
 // go run generate_cert.go  --rsa-bits 1024 --host 127.0.0.1,::1,example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h
 var localhostCert = []byte(`-----BEGIN CERTIFICATE-----