projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b169c0e) | patch
X509 time: tighten validation per RFC 5280
authorEmilia Kasper <emilia@openssl.org>
Fri, 17 Feb 2017 18:00:15 +0000 (19:00 +0100)
committerEmilia Kasper <emilia@openssl.org>
Fri, 24 Feb 2017 16:37:08 +0000 (17:37 +0100)
commit80770da39ebba0101079477611b7ce2f426653c5
treedf2d381df58d8d0e9ad68dead17ea96c1ad17ddbtree | snapshot
parentb169c0ec40408566270fb638bcbfab01a0d2dc60commit | diff
X509 time: tighten validation per RFC 5280

- Reject fractional seconds
- Reject offsets
- Check that the date/time digits are in valid range.
- Add documentation for X509_cmp_time

GH issue 2620

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
CHANGES diff | blob | history
crypto/x509/x509_vfy.c diff | blob | history
doc/man3/X509_cmp_time.pod [new file with mode: 0644] blob
test/build.info diff | blob | history
test/recipes/60-test_x509_time.t [new file with mode: 0644] blob
test/x509_time_test.c [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.