generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PR: 1618

Browse Source 
Submitted by: steve@openssl.org

Fix bug in 0.9.8-stable time handling in ca.c . NB: this only handles cases
where times are not being checked or printed properly. Issues relating to
time_t becoming negative or wrapping around are *NOT* addressed. OpenSSL
1.0.0 and later does fix these issues by using its own time routines.
This commit is contained in:
Dr. Stephen Henson 2010-01-14 17:44:46 +00:00
parent c3c3b28818
commit 24fc4f656c
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
apps/ca.c
View File

@ -2095,7 +2095,7 @@ again2:
} }
BIO_printf(bio_err,"Certificate is to be certified until "); BIO_printf(bio_err,"Certificate is to be certified until ");
ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret)); ASN1_TIME_print(bio_err,X509_get_notAfter(ret));
if (days) BIO_printf(bio_err," (%ld days)",days); if (days) BIO_printf(bio_err," (%ld days)",days);
BIO_printf(bio_err, "\n"); BIO_printf(bio_err, "\n");
@ -2373,12 +2373,15 @@ err:
static int check_time_format(const char *str) static int check_time_format(const char *str)
{ {
ASN1_UTCTIME tm; ASN1_TIME tm;
tm.data=(unsigned char *)str; tm.data=(unsigned char *)str;
tm.length=strlen(str); tm.length=strlen(str);
tm.type=V_ASN1_UTCTIME; tm.type=V_ASN1_UTCTIME;
return(ASN1_UTCTIME_check(&tm)); if (ASN1_TIME_check(&tm))
return 1;
tm.type=V_ASN1_GENERALIZEDTIME;
return ASN1_TIME_check(&tm);
} }
static int do_revoke(X509 *x509, CA_DB *db, int type, char *value) static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)