Commit 9b5cc156 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Continued patches so certificates and CRLs now can support and use 

GeneralizedTime.
parent 6f935399

CHANGES

+8 −0
Original line number Diff line number Diff line
@@ -5,6 +5,13 @@ 


 Changes between 0.9.1c and 0.9.2



  *) Continuing patches for GeneralizedTime. Fix up certificate and CRL

     ASN1 to use ASN1_TIME and modify print routines to use ASN1_TIME_print.

     Removed the versions check from X509 routines when loading extensions:

     this allows certain broken certificates that don't set the version

     properly to be processed.

     [Steve Henson]



  *) Deal with irritating shit to do with dependencies, in YAAHW (Yet Another

     Ad Hoc Way) - Makefile.ssls now all contain local dependencies, which

     can still be regenerated with "make depend".
@@ -22,6 +29,7 @@ 
     C file. To rebuild all the error codes from scratch (the old behaviour)

     either modify crypto/Makefile.ssl to pass the -regen flag to err_code.pl

     or delete all the .err files.

     [Steve Henson]



  *) CAST-128 was incorrectly implemented for short keys. The C version has

     been fixed, but is untested. The assembler versions are also fixed, but

apps/crl.c

+3 −3
Original line number Diff line number Diff line
@@ -214,14 +214,14 @@ bad: 
			if (lastupdate == i)

				{

				fprintf(stdout,"lastUpdate=");

				ASN1_UTCTIME_print(bio_out,x->crl->lastUpdate);

				ASN1_TIME_print(bio_out,x->crl->lastUpdate);

				fprintf(stdout,"\n");

				}

			if (nextupdate == i)

				{

				fprintf(stdout,"nextUpdate=");

				if (x->crl->nextUpdate != NULL)

					ASN1_UTCTIME_print(bio_out,x->crl->nextUpdate);

					ASN1_TIME_print(bio_out,x->crl->nextUpdate);

				else

					fprintf(stdout,"NONE");

				fprintf(stdout,"\n");
@@ -264,7 +264,7 @@ bad: 
			fprintf(stdout,"revoked: serialNumber=");

			i2a_ASN1_INTEGER(out,r->serialNumber);

			fprintf(stdout," revocationDate=");

			ASN1_UTCTIME_print(bio_out,r->revocationDate);

			ASN1_TIME_print(bio_out,r->revocationDate);

			fprintf(stdout,"\n");

			}

		sk_free(sk);

apps/pkcs7.c

+2 −2
Original line number Diff line number Diff line
@@ -277,9 +277,9 @@ bad: 
				BIO_puts(out,buf);



				BIO_puts(out,"\nlast update=");

				ASN1_UTCTIME_print(out,crl->crl->lastUpdate);

				ASN1_TIME_print(out,crl->crl->lastUpdate);

				BIO_puts(out,"\nnext update=");

				ASN1_UTCTIME_print(out,crl->crl->nextUpdate);

				ASN1_TIME_print(out,crl->crl->nextUpdate);

				BIO_puts(out,"\n");



				PEM_write_bio_X509_CRL(out,crl);

apps/s_cb.c

+2 −2
Original line number Diff line number Diff line
@@ -109,13 +109,13 @@ X509_STORE_CTX *ctx; 
	case X509_V_ERR_CERT_NOT_YET_VALID:

	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:

		BIO_printf(bio_err,"notBefore=");

		ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));

		ASN1_TIME_print(bio_err,X509_get_notBefore(ctx->current_cert));

		BIO_printf(bio_err,"\n");

		break;

	case X509_V_ERR_CERT_HAS_EXPIRED:

	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:

		BIO_printf(bio_err,"notAfter=");

		ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));

		ASN1_TIME_print(bio_err,X509_get_notAfter(ctx->current_cert));

		BIO_printf(bio_err,"\n");

		break;

		}

apps/x509.c

+2 −2
Original line number Diff line number Diff line
@@ -550,13 +550,13 @@ bad: 
			else if (startdate == i)

				{

				BIO_puts(STDout,"notBefore=");

				ASN1_UTCTIME_print(STDout,X509_get_notBefore(x));

				ASN1_TIME_print(STDout,X509_get_notBefore(x));

				BIO_puts(STDout,"\n");

				}

			else if (enddate == i)

				{

				BIO_puts(STDout,"notAfter=");

				ASN1_UTCTIME_print(STDout,X509_get_notAfter(x));

				ASN1_TIME_print(STDout,X509_get_notAfter(x));

				BIO_puts(STDout,"\n");

				}

			else if (fingerprint == i)