generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

implement -attime option as a verify parameter then it works with all relevant applications

Browse Source
This commit is contained in:
Dr. Stephen Henson 2011-12-10 00:37:42 +00:00
parent 6a4b87eb9d
commit f2e590942e
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
apps/apps.c
View File

@ -2256,6 +2256,7 @@ int args_verify(char ***pargs, int *pargc,
int purpose = 0, depth = -1; int purpose = 0, depth = -1;
char **oldargs = *pargs; char **oldargs = *pargs;
char *arg = **pargs, *argn = (*pargs)[1]; char *arg = **pargs, *argn = (*pargs)[1];
time_t at_time = 0;
if (!strcmp(arg, "-policy")) if (!strcmp(arg, "-policy"))
{ {
if (!argn) if (!argn)
@ -2308,6 +2309,27 @@ int args_verify(char ***pargs, int *pargc,
} }
(*pargs)++; (*pargs)++;
} }
else if (strcmp(arg,"-attime") == 0)
{
if (!argn)
*badarg = 1;
else
{
long timestamp;
/* interpret the -attime argument as seconds since
* Epoch */
if (sscanf(argn, "%li", &timestamp) != 1)
{
BIO_printf(bio_err,
"Error parsing timestamp %s\n",
argn);
*badarg = 1;
}
/* on some platforms time_t may be a float */
at_time = (time_t) timestamp;
}
(*pargs)++;
}
else if (!strcmp(arg, "-ignore_critical")) else if (!strcmp(arg, "-ignore_critical"))
flags |= X509_V_FLAG_IGNORE_CRITICAL; flags |= X509_V_FLAG_IGNORE_CRITICAL;
else if (!strcmp(arg, "-issuer_checks")) else if (!strcmp(arg, "-issuer_checks"))
@ -2362,6 +2384,9 @@ int args_verify(char ***pargs, int *pargc,
if (depth >= 0) if (depth >= 0)
X509_VERIFY_PARAM_set_depth(*pm, depth); X509_VERIFY_PARAM_set_depth(*pm, depth);
if (at_time)
X509_VERIFY_PARAM_set_time(*pm, at_time);
end: end:
(*pargs)++; (*pargs)++;