From dce477a01e7db649a23822c17a251e3cd05eaf4b Mon Sep 17 00:00:00 2001
From: Hannes Mehnert <hannes@mehnert.org>
Date: Sat, 2 Mar 2019 21:29:51 +0100
Subject: [PATCH] vmmc_bistro: validity starts at now - 10

---
 app/vmmc_bistro.ml | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/app/vmmc_bistro.ml b/app/vmmc_bistro.ml
index 73a7392..bd13c5b 100644
--- a/app/vmmc_bistro.ml
+++ b/app/vmmc_bistro.ml
@@ -22,9 +22,12 @@ let key_ids pub issuer =
 
 let timestamps validity =
   let now = Ptime_clock.now () in
-  match Ptime.add_span now (Ptime.Span.of_int_s validity) with
-  | None -> invalid_arg "span too big - reached end of ptime"
-  | Some exp -> (now, exp)
+  match
+    Ptime.sub_span now (Ptime.Span.of_int_s 10),
+    Ptime.add_span now (Ptime.Span.of_int_s validity)
+  with
+  | None, _ | _, None -> invalid_arg "span too big - reached end of ptime"
+  | Some now, Some exp -> (now, exp)
 
 let handle (host, port) cert key ca id (cmd : Vmm_commands.t) =
   Vmm_lwt.read_from_file cert >>= fun cert_cs ->