author | Bob Beck <beck@cvs.openbsd.org> | 2017-08-13 19:47:50 +0000 |
---|---|---|
committer | Bob Beck <beck@cvs.openbsd.org> | 2017-08-13 19:47:50 +0000 |
commit | e68f905a604750c7bfbdf0052ba18d2f0da0e8b8 (patch) | |
tree | ce9feb8a20538e2ec3cddf098a4e9f95f1bb2a53 /lib/libcrypto/x509/x509_vfy.c | |
parent | 148a2f57ae7a83d2123790e9db32cca6e7a5b194 (diff) |
Add ability to clamp a notafter to values representable in a 32 bit time_t
This will only be used in portable. As noted, necessary to
make us conformant to RFC 5280 4.1.2.5.
ok jsing@ bcook@
Diffstat (limited to 'lib/libcrypto/x509/x509_vfy.c')
-rw-r--r-- | lib/libcrypto/x509/x509_vfy.c | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c
index 0d01301446b..23ecf63d607 100644
--- a/lib/libcrypto/x509/x509_vfy.c
+++ b/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.64 2017/04/28 23:03:58 beck Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.65 2017/08/13 19:47:49 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -73,8 +73,9 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "asn1_locl.h"
 #include "vpm_int.h"
+#include "x509_lcl.h"
 /* CRL score values */
@@ -137,6 +138,8 @@ static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
 static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);
 static int check_crl_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *cert_path,
 STACK_OF(X509) *crl_path);
+static int X509_cmp_time_internal(const ASN1_TIME *ctm, time_t *cmp_time,
+ int clamp_notafter);
 static int internal_verify(X509_STORE_CTX *ctx);
@@ -1745,7 +1748,7 @@ x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int depth)
 X509_V_ERR_CERT_NOT_YET_VALID))
 return 0;
- i = X509_cmp_time(X509_get_notAfter(x), ptime);
+ i = X509_cmp_time_internal(X509_get_notAfter(x), ptime, 1);
 if (i <= 0 && depth < 0)
 return 0;
 if (i == 0 && !verify_cb_cert(ctx, x, depth,
@@ -1852,8 +1855,8 @@ X509_cmp_current_time(const ASN1_TIME *ctm)
 * 1 if the ASN1_time is later than *cmp_time.
 * 0 on error.
 */
-int
-X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
+static int
+X509_cmp_time_internal(const ASN1_TIME *ctm, time_t *cmp_time, int clamp_notafter)
 {
 time_t time1, time2;
 struct tm tm1, tm2;
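Review bot: The comment block that ends just above `X509_cmp_time_internal` (the hunk at -1852) still lists only the return values, so the new `clamp_notafter` argument is undocumented, and the public `X509_cmp_time` wrapper added in the hunk at -1895 is left with no comment of its own. I would add a line such as ` * If clamp_notafter is non-zero, the parsed time is first passed to ASN1_time_tm_clamp_notafter().` to the block, and put `/* Public entry point: compares without clamping. */` above the wrapper. The new definition line is also longer than 80 columns; wrapping `int clamp_notafter)` onto a continuation line, as the prototype in the hunk at -137 does, keeps the two consistent. The function body continues outside the hunk.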
@@ -1877,6 +1880,12 @@ X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
 if (tm1.tm_year >= 150 && type != V_ASN1_GENERALIZEDTIME)
 goto out;
+ if (clamp_notafter) {
+ /* Allow for completely broken operating systems. */
+ if (!ASN1_time_tm_clamp_notafter(&tm1))
+ goto out;
+ }
+
 /*
 * Defensively fail if the time string is not representable as
 * a time_t. A time_t must be sane if you care about times after
@@ -1895,6 +1904,13 @@ X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
 return (ret);
 }
+int
+X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
+{
+ return X509_cmp_time_internal(ctm, cmp_time, 0);
+}
+
+
 ASN1_TIME *
 X509_gmtime_adj(ASN1_TIME *s, long adj)
 { |
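Review bot: The comment `/* Allow for completely broken operating systems. */` in the clamp block (the hunk at -1877) does not say what is clamped or why, which matters here because the branch changes how a certificate's expiry date is judged. Going by the commit message, something like `/* notAfter only: where time_t is 32 bits, clamp a later date to the largest representable time instead of failing (RFC 5280 4.1.2.5). */` would record the intent. It is also worth stating that the clamp runs after the `tm1.tm_year >= 150` rejection of non-GeneralizedTime values visible just above it, so that check is not relaxed. ASN1_time_tm_clamp_notafter is defined outside this page, so its exact limit cannot be confirmed here, and the function body starts and ends outside the hunk.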