projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Check that SCT timestamps are not in the future
[openssl.git]
/
crypto
/
ct
/
ct_sct.c
diff --git
a/crypto/ct/ct_sct.c
b/crypto/ct/ct_sct.c
index 2f0fef78337350e38d16701125bd2c6cd71c1f4d..1b13d9e6cb1b1945ee5fc92822688756661212e4 100644
(file)
--- a/
crypto/ct/ct_sct.c
+++ b/
crypto/ct/ct_sct.c
@@
-332,6
+332,8
@@
int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx)
goto err;
}
+ SCT_CTX_set_time(sctx, ctx->epoch_time_in_ms);
+
/*
* XXX: Potential for optimization. This repeats some idempotent heavy
* lifting on the certificate for each candidate SCT, and appears to not