projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 29627a3) | patch
X509 time: tighten validation per RFC 5280
authorEmilia Kasper <emilia@openssl.org>
Fri, 17 Feb 2017 18:00:15 +0000 (19:00 +0100)
committerDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Sat, 5 May 2018 19:30:39 +0000 (21:30 +0200)
commit414d19d0341407b211c64729df37889e2c572e12
tree3a052531d8a685bc30371027602d26756ad45c3btree | snapshot
parent29627a364be80f8c30fe7824bc3642d43d7e2c0acommit | diff
X509 time: tighten validation per RFC 5280

- Reject fractional seconds
- Reject offsets
- Check that the date/time digits are in valid range.
- Add documentation for X509_cmp_time

GH issue 2620

Backported from 80770da39e

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6181)
CHANGES diff | blob | history
crypto/x509/x509_vfy.c diff | blob | history
doc/man3/X509_cmp_time.pod [new file with mode: 0644] blob
test/build.info diff | blob | history
test/recipes/60-test_x509_time.t [new file with mode: 0644] blob
test/x509_time_test.c [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.