Constify certificate and CRL time routines. (568ce3a5) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

apps/apps.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -2604,7 +2604,7 @@ int set_cert_times(X509 x, const char startdate, const char *enddate,
		goto err;
		}

		if (!X509_set_notBefore(x, tm))
		if (!X509_set1_notBefore(x, tm))
		goto err;

		if (enddate == NULL) {
		@@ -2614,7 +2614,7 @@ int set_cert_times(X509 x, const char startdate, const char *enddate,
		goto err;
		}

		if (!X509_set_notAfter(x, tm))
		if (!X509_set1_notAfter(x, tm))
		goto err;

		rv = 1;

apps/ca.c

+8 −8

Original line number	Diff line number	Diff line
		@@ -1100,13 +1100,13 @@ end_of_options:
		if (tmptm == NULL)
		goto end;
		X509_gmtime_adj(tmptm, 0);
		X509_CRL_set_lastUpdate(crl, tmptm);
		X509_CRL_set1_lastUpdate(crl, tmptm);
		if (!X509_time_adj_ex(tmptm, crldays, crlhours * 60 * 60 + crlsec,
		NULL)) {
		BIO_puts(bio_err, "error setting CRL nextUpdate\n");
		goto end;
		}
		X509_CRL_set_nextUpdate(crl, tmptm);
		X509_CRL_set1_nextUpdate(crl, tmptm);

		ASN1_TIME_free(tmptm);

		@@ -1377,7 +1377,7 @@ static int do_body(X509 *xret, EVP_PKEY pkey, X509 *x509,
		{
		X509_NAME name = NULL, CAname = NULL, subject = NULL, dn_subject =
		NULL;
		ASN1_UTCTIME *tm;
		const ASN1_TIME *tm;
		ASN1_STRING str, str2;
		ASN1_OBJECT *obj;
		X509 *ret = NULL;
		@@ -1703,7 +1703,7 @@ static int do_body(X509 *xret, EVP_PKEY pkey, X509 *x509,

		if (enddate != NULL) {
		int tdays;
		ASN1_TIME_diff(&tdays, NULL, NULL, X509_get_notAfter(ret));
		ASN1_TIME_diff(&tdays, NULL, NULL, X509_get0_notAfter(ret));
		days = tdays;
		}

		@@ -1789,7 +1789,7 @@ static int do_body(X509 *xret, EVP_PKEY pkey, X509 *x509,
		}

		BIO_printf(bio_err, "Certificate is to be certified until ");
		ASN1_TIME_print(bio_err, X509_get_notAfter(ret));
		ASN1_TIME_print(bio_err, X509_get0_notAfter(ret));
		if (days)
		BIO_printf(bio_err, " (%ld days)", days);
		BIO_printf(bio_err, "\n");
		@@ -1822,7 +1822,7 @@ static int do_body(X509 *xret, EVP_PKEY pkey, X509 *x509,

		/* We now just add it to the database */
		row[DB_type] = OPENSSL_strdup("V");
		tm = X509_get_notAfter(ret);
		tm = X509_get0_notAfter(ret);
		row[DB_exp_date] = app_malloc(tm->length + 1, "row expdate");
		memcpy(row[DB_exp_date], tm->data, tm->length);
		row[DB_exp_date][tm->length] = '\0';
		@@ -2021,7 +2021,7 @@ static int check_time_format(const char *str)

		static int do_revoke(X509 x509, CA_DB db, int type, char *value)
		{
		ASN1_UTCTIME *tm = NULL;
		const ASN1_TIME *tm = NULL;
		char row[DB_NUMBER], rrow, *irow;
		char *rev_str = NULL;
		BIGNUM *bn = NULL;
		@@ -2054,7 +2054,7 @@ static int do_revoke(X509 x509, CA_DB db, int type, char *value)

		/* We now just add it to the database */
		row[DB_type] = OPENSSL_strdup("V");
		tm = X509_get_notAfter(x509);
		tm = X509_get0_notAfter(x509);
		row[DB_exp_date] = app_malloc(tm->length + 1, "row exp_data");
		memcpy(row[DB_exp_date], tm->data, tm->length);
		row[DB_exp_date][tm->length] = '\0';

apps/crl.c

+3 −3

Original line number	Diff line number	Diff line
		@@ -285,13 +285,13 @@ int crl_main(int argc, char **argv)
		#endif
		if (lastupdate == i) {
		BIO_printf(bio_out, "lastUpdate=");
		ASN1_TIME_print(bio_out, X509_CRL_get_lastUpdate(x));
		ASN1_TIME_print(bio_out, X509_CRL_get0_lastUpdate(x));
		BIO_printf(bio_out, "\n");
		}
		if (nextupdate == i) {
		BIO_printf(bio_out, "nextUpdate=");
		if (X509_CRL_get_nextUpdate(x))
		ASN1_TIME_print(bio_out, X509_CRL_get_nextUpdate(x));
		if (X509_CRL_get0_nextUpdate(x))
		ASN1_TIME_print(bio_out, X509_CRL_get0_nextUpdate(x));
		else
		BIO_printf(bio_out, "NONE");
		BIO_printf(bio_out, "\n");

apps/s_cb.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -82,13 +82,13 @@ int verify_callback(int ok, X509_STORE_CTX *ctx)
		case X509_V_ERR_CERT_NOT_YET_VALID:
		case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
		BIO_printf(bio_err, "notBefore=");
		ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
		ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert));
		BIO_printf(bio_err, "\n");
		break;
		case X509_V_ERR_CERT_HAS_EXPIRED:
		case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
		BIO_printf(bio_err, "notAfter=");
		ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
		ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert));
		BIO_printf(bio_err, "\n");
		break;
		case X509_V_ERR_NO_EXPLICIT_POLICY:

apps/x509.c

+3 −3

Original line number	Diff line number	Diff line
		@@ -746,11 +746,11 @@ int x509_main(int argc, char **argv)
		X509_print_ex(out, x, nmflag, certflag);
		} else if (startdate == i) {
		BIO_puts(out, "notBefore=");
		ASN1_TIME_print(out, X509_get_notBefore(x));
		ASN1_TIME_print(out, X509_get0_notBefore(x));
		BIO_puts(out, "\n");
		} else if (enddate == i) {
		BIO_puts(out, "notAfter=");
		ASN1_TIME_print(out, X509_get_notAfter(x));
		ASN1_TIME_print(out, X509_get0_notAfter(x));
		BIO_puts(out, "\n");
		} else if (fingerprint == i) {
		int j;
		@@ -837,7 +837,7 @@ int x509_main(int argc, char **argv)
		if (checkend) {
		time_t tcheck = time(NULL) + checkoffset;

		if (X509_cmp_time(X509_get_notAfter(x), &tcheck) < 0) {
		if (X509_cmp_time(X509_get0_notAfter(x), &tcheck) < 0) {
		BIO_printf(out, "Certificate will expire\n");
		ret = 1;
		} else {