Experimental new date handling routines. These fix issues with X509_time_adj() (87d3a0cd) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

CHANGES

+8 −0

Original line number	Diff line number	Diff line
		@@ -4,6 +4,14 @@

		Changes between 0.9.8j and 0.9.9 [xx XXX xxxx]

		*) New function OPENSSL_gmtime_adj() to add a specific number of days and
		seconds to a tm structure directly, instead of going through OS
		specific date routines. This avoids any issues with OS routines such
		as the year 2038 bug. New *_adj() functions for ASN1 time structures
		and X509_time_adj_ex() to cover the extended range. The existing
		X509_time_adj() is still usable and will no longer have any date issues.
		[Steve Henson]

		*) Delta CRL support. New use deltas option which will attempt to locate
		and search any appropriate delta CRLs available.

+2 −2

Original line number	Diff line number	Diff line
		@@ -1399,7 +1399,7 @@ bad:
		if (!tmptm) goto err;
		X509_gmtime_adj(tmptm,0);
		X509_CRL_set_lastUpdate(crl, tmptm);
		X509_gmtime_adj(tmptm,(crldays24+crlhours)60*60 + crlsec);
		X509_time_adj_ex(tmptm, crldays, crlhours6060 + crlsec, NULL);
		X509_CRL_set_nextUpdate(crl, tmptm);

		ASN1_TIME_free(tmptm);
		@@ -2006,7 +2006,7 @@ again2:
		else ASN1_UTCTIME_set_string(X509_get_notBefore(ret),startdate);

		if (enddate == NULL)
		X509_gmtime_adj(X509_get_notAfter(ret),(long)606024*days);
		X509_time_adj_ex(X509_get_notAfter(ret),days, 0, NULL);
		else ASN1_UTCTIME_set_string(X509_get_notAfter(ret),enddate);

		if (!X509_set_subject_name(ret,subject)) goto err;

+1 −1

Original line number	Diff line number	Diff line
		@@ -838,7 +838,7 @@ loop:

		if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
		if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end;
		if (!X509_gmtime_adj(X509_get_notAfter(x509ss), (long)606024*days)) goto end;
		if (!X509_time_adj_ex(X509_get_notAfter(x509ss), days, 0, NULL)) goto end;
		if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
		tmppkey = X509_REQ_get_pubkey(req);
		if (!tmppkey \|\| !X509_set_pubkey(x509ss,tmppkey)) goto end;

+12 −0

Original line number	Diff line number	Diff line
		@@ -210,6 +210,12 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME s, const char str)

		ASN1_GENERALIZEDTIME ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME s,
		time_t t)
		{
		return ASN1_GENERALIZEDTIME_adj(s, t, 0, 0);
		}

		ASN1_GENERALIZEDTIME ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME s,
		time_t t, int offset_day, long offset_sec)
		{
		char *p;
		struct tm *ts;
		@@ -225,6 +231,12 @@ ASN1_GENERALIZEDTIME ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME s,
		if (ts == NULL)
		return(NULL);

		if (offset_day \|\| offset_sec)
		{
		if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
		return NULL;
		}

		p=(char *)s->data;
		if ((p == NULL) \|\| ((size_t)s->length < len))
		{

+13 −2

Original line number	Diff line number	Diff line
		@@ -100,6 +100,12 @@ int i2d_ASN1_TIME(ASN1_TIME a, unsigned char *pp)

		ASN1_TIME ASN1_TIME_set(ASN1_TIME s, time_t t)
		{
		return ASN1_TIME_adj(s, t, 0, 0);
		}

		ASN1_TIME ASN1_TIME_adj(ASN1_TIME s, time_t t,
		int offset_day, long offset_sec)
		{
		struct tm *ts;
		struct tm data;

		@@ -109,9 +115,14 @@ ASN1_TIME ASN1_TIME_set(ASN1_TIME s, time_t t)
		ASN1err(ASN1_F_ASN1_TIME_SET, ASN1_R_ERROR_GETTING_TIME);
		return NULL;
		}
		if (offset_day \|\| offset_sec)
		{
		if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
		return NULL;
		}
		if((ts->tm_year >= 50) && (ts->tm_year < 150))
		return ASN1_UTCTIME_set(s, t);
		return ASN1_GENERALIZEDTIME_set(s,t);
		return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
		return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
		}

		int ASN1_TIME_check(ASN1_TIME *t)