[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Thu Jan 12 15:07:11 UTC 2017
The branch master has been updated
via 329f2f4a428b0acb7a579869a13f6cd6bf0a3551 (commit)
from 65c1f979ee9346d63bb6e81f25bb7dffda99b342 (commit)
- Log -----------------------------------------------------------------
commit 329f2f4a428b0acb7a579869a13f6cd6bf0a3551
Author: Rich Salz <rsalz at openssl.org>
Date: Tue Jan 10 16:18:33 2017 -0500
GH2176: Add X509_VERIFY_PARAM_get_time
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2208)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/x509_vpm.c | 5 +++++
doc/man3/X509_VERIFY_PARAM_set_flags.pod | 2 ++
include/openssl/x509_vfy.h | 1 +
test/crltest.c | 8 +++++++-
util/libcrypto.num | 1 +
5 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index 9e1b7c6..95f1c5b 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -320,6 +320,11 @@ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level)
param->auth_level = auth_level;
}
+time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param)
+{
+ return param->check_time;
+}
+
void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)
{
param->check_time = t;
diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
index 388fdc2..76f1901 100644
--- a/doc/man3/X509_VERIFY_PARAM_set_flags.pod
+++ b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
@@ -9,6 +9,7 @@ X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags,
X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth,
X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level,
X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time,
+X509_VERIFY_PARAM_get_time,
X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies,
X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host,
X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get0_peername,
@@ -34,6 +35,7 @@ X509_VERIFY_PARAM_set1_ip_asc
int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
ASN1_OBJECT *policy);
diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h
index 5dc9d06..64f56df 100644
--- a/include/openssl/x509_vfy.h
+++ b/include/openssl/x509_vfy.h
@@ -459,6 +459,7 @@ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level);
+time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
ASN1_OBJECT *policy);
diff --git a/test/crltest.c b/test/crltest.c
index d95f060..11585ea 100644
--- a/test/crltest.c
+++ b/test/crltest.c
@@ -19,6 +19,8 @@
#include "testutil.h"
#include "test_main.h"
+#define PARAM_TIME 1474934400 /* Sep 27th, 2016 */
+
static const char *kCRLTestRoot[] = {
"-----BEGIN CERTIFICATE-----\n",
"MIIDbzCCAlegAwIBAgIJAODri7v0dDUFMA0GCSqGSIb3DQEBCwUAME4xCzAJBgNV\n",
@@ -253,7 +255,11 @@ static int verify(X509 *leaf, X509 *root, STACK_OF(X509_CRL) *crls,
goto err;
X509_STORE_CTX_set0_trusted_stack(ctx, roots);
X509_STORE_CTX_set0_crls(ctx, crls);
- X509_VERIFY_PARAM_set_time(param, 1474934400 /* Sep 27th, 2016 */);
+ X509_VERIFY_PARAM_set_time(param, PARAM_TIME);
+ if (X509_VERIFY_PARAM_get_time(param) != PARAM_TIME) {
+ fprintf(stderr, "set_time/get_time mismatch.\n");
+ goto err;
+ }
X509_VERIFY_PARAM_set_depth(param, 16);
if (flags)
X509_VERIFY_PARAM_set_flags(param, flags);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 1c81545..f30b5d9 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4227,3 +4227,4 @@ RSA_pkey_ctx_ctrl 4177 1_1_1 EXIST::FUNCTION:RSA
UI_method_set_ex_data 4178 1_1_1 EXIST::FUNCTION:UI
UI_method_get_ex_data 4179 1_1_1 EXIST::FUNCTION:UI
UI_UTIL_wrap_read_pem_callback 4180 1_1_1 EXIST::FUNCTION:UI
+X509_VERIFY_PARAM_get_time 4181 1_1_0d EXIST::FUNCTION:
More information about the openssl-commits
mailing list