PR: 2013
authorDr. Stephen Henson <steve@openssl.org>
Wed, 2 Sep 2009 13:55:22 +0000 (13:55 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 2 Sep 2009 13:55:22 +0000 (13:55 +0000)
Submitted by: steve@openssl.org

Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.

Add error checking to CRL generation in ca utility when nextUpdate is being
set.

apps/ca.c
crypto/asn1/asn1.h
crypto/asn1/tasn_new.c
crypto/x509/x509_vfy.c

index aabf86b..007b501 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1403,7 +1403,12 @@ bad:
                if (!tmptm) goto err;
                X509_gmtime_adj(tmptm,0);
                X509_CRL_set_lastUpdate(crl, tmptm);    
-               X509_time_adj_ex(tmptm, crldays, crlhours*60*60 + crlsec, NULL);
+               if (!X509_time_adj_ex(tmptm, crldays, crlhours*60*60 + crlsec,
+                       NULL))
+                       {
+                       BIO_puts(bio_err, "error setting CRL nextUpdate\n");
+                       goto err;
+                       }
                X509_CRL_set_nextUpdate(crl, tmptm);    
 
                ASN1_TIME_free(tmptm);
index f202e23..dfc6790 100644 (file)
@@ -230,6 +230,10 @@ typedef struct asn1_object_st
  */
 
 #define ASN1_STRING_FLAG_CONT 0x020 
+/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
+ * type.
+ */
+#define ASN1_STRING_FLAG_MSTRING 0x040 
 /* This is the base type that holds just about everything :-) */
 typedef struct asn1_string_st
        {
index c816e51..0d9e78c 100644 (file)
@@ -325,6 +325,7 @@ static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
 int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
        {
        ASN1_TYPE *typ;
+       ASN1_STRING *str;
        int utype;
 
        if (it && it->funcs)
@@ -362,7 +363,10 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
                break;
 
                default:
-               *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype);
+               str = ASN1_STRING_type_new(utype);
+               if (it->itype == ASN1_ITYPE_MSTRING && str)
+                       str->flags |= ASN1_STRING_FLAG_MSTRING;
+               *pval = (ASN1_VALUE *)str;
                break;
                }
        if (*pval)
index 200a9cc..62b0144 100644 (file)
@@ -1765,10 +1765,14 @@ ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
        else time(&t);
 
        if (s) type = s->type;
-       if (type == V_ASN1_UTCTIME)
-               return ASN1_UTCTIME_adj(s,t, offset_day, offset_sec);
-       if (type == V_ASN1_GENERALIZEDTIME)
-               return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
+       if (!(s->flags & ASN1_STRING_FLAG_MSTRING))
+               {
+               if (type == V_ASN1_UTCTIME)
+                       return ASN1_UTCTIME_adj(s,t, offset_day, offset_sec);
+               if (type == V_ASN1_GENERALIZEDTIME)
+                       return ASN1_GENERALIZEDTIME_adj(s, t, offset_day,
+                                                               offset_sec);
+               }
        return ASN1_TIME_adj(s, t, offset_day, offset_sec);
        }