Fix to stop X509_time_adj() using GeneralizedTime.

2 files changed, 14 insertions, 3 deletions

diff --git a/CHANGES b/CHANGES
index f548204e31..f5d92ae113 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,15 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Make X509_time_adj() cope with the new behaviour of ASN1_TIME_new().
+     Previously it initialised the 'type' argument to V_ASN1_UTCTIME which
+     effectively meant GeneralizedTime would never be used. Now it
+     is initialised to -1 but X509_time_adj() now has to check the value
+     and use ASN1_TIME_set() if the value is not V_ASN1_UTCTIME or
+     V_ASN1_GENERALIZEDTIME, without this it always uses GeneralizedTime.
+     [Steve Henson, reported by Kenneth R. Robinette
+				<support@securenetterm.com>]
+
   *) Fixes to BN_to_ASN1_INTEGER when bn is zero. This would previously
      result in a zero length in the ASN1_INTEGER structure which was
      not consistent with the structure when d2i_ASN1_INTEGER() was used
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 32515cbcc4..73eecd6ee4 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -645,14 +645,16 @@ ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
 ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm)
 	{
 	time_t t;
+	int type = -1;
 
 	if (in_tm) t = *in_tm;
 	else time(&t);
 
 	t+=adj;
-	if (!s) return ASN1_TIME_set(s, t);
-	if (s->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t);
-	return ASN1_GENERALIZEDTIME_set(s, t);
+	if (s) type = s->type;
+	if (type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t);
+	if (type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_set(s, t);
+	return ASN1_TIME_set(s, t);
 	}
 
 int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)