- x509parse_time_expired() checks time now in addition to the existing date check

This commit is contained in:
Paul Bakker 2011-01-16 21:40:22 +00:00
parent a056efc8f9
commit b619499eb3
2 changed files with 25 additions and 0 deletions

View file

@ -18,6 +18,10 @@ Note: Most of these features have been donated by Fox-IT
+ Added verification callback on certificate chain + Added verification callback on certificate chain
verification to allow external blacklisting verification to allow external blacklisting
Changes
* x509parse_time_expired() checks time in addition to
the existing date check
= Version 0.14.0 released on 2010-08-16 = Version 0.14.0 released on 2010-08-16
Features Features
* Added support for SSL_EDH_RSA_AES_128_SHA and * Added support for SSL_EDH_RSA_AES_128_SHA and

View file

@ -2584,6 +2584,27 @@ int x509parse_time_expired( const x509_time *to )
lt->tm_mday > to->day ) lt->tm_mday > to->day )
return( 1 ); return( 1 );
if( lt->tm_year == to->year - 1900 &&
lt->tm_mon == to->mon - 1 &&
lt->tm_mday == to->day &&
lt->tm_hour > to->hour - 1)
return( 1 );
if( lt->tm_year == to->year - 1900 &&
lt->tm_mon == to->mon - 1 &&
lt->tm_mday == to->day &&
lt->tm_hour == to->hour - 1 &&
lt->tm_min > to->min - 1 )
return( 1 );
if( lt->tm_year == to->year - 1900 &&
lt->tm_mon == to->mon - 1 &&
lt->tm_mday == to->day &&
lt->tm_hour == to->hour - 1 &&
lt->tm_min == to->min - 1 &&
lt->tm_sec > to->sec - 1 )
return( 1 );
return( 0 ); return( 0 );
} }