diff options
| author | Bob Beck <beck@cvs.openbsd.org> | 2015-10-08 02:42:59 +0000 |
|---|---|---|
| committer | Bob Beck <beck@cvs.openbsd.org> | 2015-10-08 02:42:59 +0000 |
| commit | ab54d0e29d3b6031f0474cf25e6bf22ca4090509 (patch) | |
| tree | 947d9e7fa0c4f167f8f35fdc869f4a535ef81806 /lib | |
| parent | 1039da71639b34cb0755aa3ad7ad9a8313996042 (diff) | |
Rip the guts out of another gibbering horror of a time comparison function, and
mark it as #ifndef LIBRESSL_INTERNAL at least we don't use this.
ok jsing@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libcrypto/asn1/a_utctm.c | 56 | ||||
| -rw-r--r-- | lib/libcrypto/asn1/asn1.h | 5 |
2 files changed, 24 insertions, 37 deletions
diff --git a/lib/libcrypto/asn1/a_utctm.c b/lib/libcrypto/asn1/a_utctm.c index 02d511789ab..495c497bc8d 100644 --- a/lib/libcrypto/asn1/a_utctm.c +++ b/lib/libcrypto/asn1/a_utctm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_utctm.c,v 1.31 2015/10/08 02:29:11 beck Exp $ */ +/* $OpenBSD: a_utctm.c,v 1.32 2015/10/08 02:42:58 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -149,39 +149,25 @@ ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec) } int -ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) +ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t2) { - struct tm *tm; - struct tm data; - int offset; - int year; - -#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') - - if (s->data[12] == 'Z') - offset = 0; - else { - offset = g2(s->data + 13)*60 + g2(s->data + 15); - if (s->data[12] == '-') - offset = -offset; - } - - t -= offset * 60; /* FIXME: may overflow in extreme cases */ - - tm = gmtime_r(&t, &data); - -#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 - year = g2(s->data); - if (year < 50) - year += 100; - return_cmp(year, tm->tm_year); - return_cmp(g2(s->data + 2) - 1, tm->tm_mon); - return_cmp(g2(s->data + 4), tm->tm_mday); - return_cmp(g2(s->data + 6), tm->tm_hour); - return_cmp(g2(s->data + 8), tm->tm_min); - return_cmp(g2(s->data + 10), tm->tm_sec); -#undef g2 -#undef return_cmp - - return 0; + struct tm tm1; + time_t t1; + + /* + * This function has never handled failure conditions properly + * and should be deprecated. BoringSSL makes it return -2 on + * failures, the OpenSSL version follows NULL pointers instead. + */ + if (asn1_time_parse(s->data, s->length, &tm1, V_ASN1_UTCTIME) == -1) + return (-2); /* XXX */ + + if ((t1 = timegm(&tm1)) == -1) + return (-2); /* XXX */ + + if (t1 < t2) + return (-1); + if (t1 > t2) + return (1); + return (0); } diff --git a/lib/libcrypto/asn1/asn1.h b/lib/libcrypto/asn1/asn1.h index d1626944b7e..9905df5f74e 100644 --- a/lib/libcrypto/asn1/asn1.h +++ b/lib/libcrypto/asn1/asn1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1.h,v 1.32 2015/10/08 02:29:11 beck Exp $ */ +/* $OpenBSD: asn1.h,v 1.33 2015/10/08 02:42:58 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -812,8 +812,9 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t); ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec); int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); +#ifndef LIBRESSL_INTERNAL int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); - +#endif int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, time_t t); |