diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-08-19 12:39:57 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-08-19 18:40:55 +0100 |
commit | 568ce3a583a17c33feacbf5028ece9f7f0680478 (patch) | |
tree | f55156e99147d3139ad974b7a9c44925982bf987 /apps | |
parent | c4fbed6c3139726fc719a703d2195f3b6426b748 (diff) | |
download | openssl-568ce3a583a17c33feacbf5028ece9f7f0680478.tar.gz |
Constify certificate and CRL time routines.
Update certificate and CRL time routines to match new standard.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'apps')
-rw-r--r-- | apps/apps.c | 4 | ||||
-rw-r--r-- | apps/ca.c | 16 | ||||
-rw-r--r-- | apps/crl.c | 6 | ||||
-rw-r--r-- | apps/s_cb.c | 4 | ||||
-rw-r--r-- | apps/x509.c | 6 |
5 files changed, 18 insertions, 18 deletions
diff --git a/apps/apps.c b/apps/apps.c index 1ce632f003..23c65698ff 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -2604,7 +2604,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, goto err; } - if (!X509_set_notBefore(x, tm)) + if (!X509_set1_notBefore(x, tm)) goto err; if (enddate == NULL) { @@ -2614,7 +2614,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, goto err; } - if (!X509_set_notAfter(x, tm)) + if (!X509_set1_notAfter(x, tm)) goto err; rv = 1; @@ -1100,13 +1100,13 @@ end_of_options: if (tmptm == NULL) goto end; X509_gmtime_adj(tmptm, 0); - X509_CRL_set_lastUpdate(crl, tmptm); + X509_CRL_set1_lastUpdate(crl, tmptm); if (!X509_time_adj_ex(tmptm, crldays, crlhours * 60 * 60 + crlsec, NULL)) { BIO_puts(bio_err, "error setting CRL nextUpdate\n"); goto end; } - X509_CRL_set_nextUpdate(crl, tmptm); + X509_CRL_set1_nextUpdate(crl, tmptm); ASN1_TIME_free(tmptm); @@ -1377,7 +1377,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, { X509_NAME *name = NULL, *CAname = NULL, *subject = NULL, *dn_subject = NULL; - ASN1_UTCTIME *tm; + const ASN1_TIME *tm; ASN1_STRING *str, *str2; ASN1_OBJECT *obj; X509 *ret = NULL; @@ -1703,7 +1703,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, if (enddate != NULL) { int tdays; - ASN1_TIME_diff(&tdays, NULL, NULL, X509_get_notAfter(ret)); + ASN1_TIME_diff(&tdays, NULL, NULL, X509_get0_notAfter(ret)); days = tdays; } @@ -1789,7 +1789,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, } BIO_printf(bio_err, "Certificate is to be certified until "); - ASN1_TIME_print(bio_err, X509_get_notAfter(ret)); + ASN1_TIME_print(bio_err, X509_get0_notAfter(ret)); if (days) BIO_printf(bio_err, " (%ld days)", days); BIO_printf(bio_err, "\n"); @@ -1822,7 +1822,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, /* We now just add it to the database */ row[DB_type] = OPENSSL_strdup("V"); - tm = X509_get_notAfter(ret); + tm = X509_get0_notAfter(ret); row[DB_exp_date] = app_malloc(tm->length + 1, "row expdate"); memcpy(row[DB_exp_date], tm->data, tm->length); row[DB_exp_date][tm->length] = '\0'; @@ -2021,7 +2021,7 @@ static int check_time_format(const char *str) static int do_revoke(X509 *x509, CA_DB *db, int type, char *value) { - ASN1_UTCTIME *tm = NULL; + const ASN1_TIME *tm = NULL; char *row[DB_NUMBER], **rrow, **irow; char *rev_str = NULL; BIGNUM *bn = NULL; @@ -2054,7 +2054,7 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value) /* We now just add it to the database */ row[DB_type] = OPENSSL_strdup("V"); - tm = X509_get_notAfter(x509); + tm = X509_get0_notAfter(x509); row[DB_exp_date] = app_malloc(tm->length + 1, "row exp_data"); memcpy(row[DB_exp_date], tm->data, tm->length); row[DB_exp_date][tm->length] = '\0'; diff --git a/apps/crl.c b/apps/crl.c index 3dbbc0cda2..5e0fbe5899 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -285,13 +285,13 @@ int crl_main(int argc, char **argv) #endif if (lastupdate == i) { BIO_printf(bio_out, "lastUpdate="); - ASN1_TIME_print(bio_out, X509_CRL_get_lastUpdate(x)); + ASN1_TIME_print(bio_out, X509_CRL_get0_lastUpdate(x)); BIO_printf(bio_out, "\n"); } if (nextupdate == i) { BIO_printf(bio_out, "nextUpdate="); - if (X509_CRL_get_nextUpdate(x)) - ASN1_TIME_print(bio_out, X509_CRL_get_nextUpdate(x)); + if (X509_CRL_get0_nextUpdate(x)) + ASN1_TIME_print(bio_out, X509_CRL_get0_nextUpdate(x)); else BIO_printf(bio_out, "NONE"); BIO_printf(bio_out, "\n"); diff --git a/apps/s_cb.c b/apps/s_cb.c index e960b9469b..9535f12690 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -82,13 +82,13 @@ int verify_callback(int ok, X509_STORE_CTX *ctx) case X509_V_ERR_CERT_NOT_YET_VALID: case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: BIO_printf(bio_err, "notBefore="); - ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert)); + ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert)); BIO_printf(bio_err, "\n"); break; case X509_V_ERR_CERT_HAS_EXPIRED: case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: BIO_printf(bio_err, "notAfter="); - ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert)); + ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert)); BIO_printf(bio_err, "\n"); break; case X509_V_ERR_NO_EXPLICIT_POLICY: diff --git a/apps/x509.c b/apps/x509.c index 0cb38b796a..05aa5547cd 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -746,11 +746,11 @@ int x509_main(int argc, char **argv) X509_print_ex(out, x, nmflag, certflag); } else if (startdate == i) { BIO_puts(out, "notBefore="); - ASN1_TIME_print(out, X509_get_notBefore(x)); + ASN1_TIME_print(out, X509_get0_notBefore(x)); BIO_puts(out, "\n"); } else if (enddate == i) { BIO_puts(out, "notAfter="); - ASN1_TIME_print(out, X509_get_notAfter(x)); + ASN1_TIME_print(out, X509_get0_notAfter(x)); BIO_puts(out, "\n"); } else if (fingerprint == i) { int j; @@ -837,7 +837,7 @@ int x509_main(int argc, char **argv) if (checkend) { time_t tcheck = time(NULL) + checkoffset; - if (X509_cmp_time(X509_get_notAfter(x), &tcheck) < 0) { + if (X509_cmp_time(X509_get0_notAfter(x), &tcheck) < 0) { BIO_printf(out, "Certificate will expire\n"); ret = 1; } else { |