Commit f2e59094 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

implement -attime option as a verify parameter then it works with all relevant applications

parent 6a4b87eb

apps/apps.c

+25 −0
Original line number Diff line number Diff line
@@ -2256,6 +2256,7 @@ int args_verify(char ***pargs, int *pargc, 
	int purpose = 0, depth = -1;

	char **oldargs = *pargs;

	char *arg = **pargs, *argn = (*pargs)[1];

	time_t at_time = 0;

	if (!strcmp(arg, "-policy"))

		{

		if (!argn)
@@ -2308,6 +2309,27 @@ int args_verify(char ***pargs, int *pargc, 
			}

		(*pargs)++;

		}

	else if (strcmp(arg,"-attime") == 0)

		{

		if (!argn)

			*badarg = 1;

		else

			{

			long timestamp;

			/* interpret the -attime argument as seconds since

			 * Epoch */

			if (sscanf(argn, "%li", &timestamp) != 1)

				{

				BIO_printf(bio_err,

						"Error parsing timestamp %s\n",

					   	argn);

				*badarg = 1;

				}

			/* on some platforms time_t may be a float */

			at_time = (time_t) timestamp;

			}

		(*pargs)++;

		}

	else if (!strcmp(arg, "-ignore_critical"))

		flags |= X509_V_FLAG_IGNORE_CRITICAL;

	else if (!strcmp(arg, "-issuer_checks"))
@@ -2362,6 +2384,9 @@ int args_verify(char ***pargs, int *pargc, 
	if (depth >= 0)

		X509_VERIFY_PARAM_set_depth(*pm, depth);



	if (at_time) 

		X509_VERIFY_PARAM_set_time(*pm, at_time);



	end:



	(*pargs)++;