GH2176: Add X509_VERIFY_PARAM_get_time

author Rich Salz <rsalz@openssl.org>

Tue, 10 Jan 2017 21:18:33 +0000 (16:18 -0500)

committer Rich Salz <rsalz@openssl.org>

Thu, 12 Jan 2017 15:08:24 +0000 (10:08 -0500)
author Rich Salz <rsalz@openssl.org>
Tue, 10 Jan 2017 21:18:33 +0000 (16:18 -0500)
committer Rich Salz <rsalz@openssl.org>
Thu, 12 Jan 2017 15:08:24 +0000 (10:08 -0500)
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c

index 245b3fadbaa62ca80ec07c66d3669f7f75406f0f..b5067220adbe221dd91170a88482d7be642cd179 100644 (file)
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -337,6 +337,11 @@ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level)
      param->auth_level = auth_level;
  }
  
+time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param)
+{
+    return param->check_time;
+}
+
  void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)
  {
      param->check_time = t;
diff --git a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod

index 388fdc212ead733948dcea7f1be8cafea5cd658d..76f1901108a2ef55ad66c6e4195f25209898810b 100644 (file)
--- a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
+++ b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
@@ -9,6 +9,7 @@ X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags,
  X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth,
  X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level,
  X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time,
+X509_VERIFY_PARAM_get_time,
  X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies,
  X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host,
  X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get0_peername,
@@ -34,6 +35,7 @@ X509_VERIFY_PARAM_set1_ip_asc
   int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
  
   void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
  
   int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
                                          ASN1_OBJECT *policy);
diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h

index 5dc9d063fc57f7252d2a020b696004a1e2069927..64f56df7f07cc1453ce2f034e3b2608b1fb457be 100644 (file)
--- a/include/openssl/x509_vfy.h
+++ b/include/openssl/x509_vfy.h
@@ -459,6 +459,7 @@ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
  int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
  void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
  void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level);
+time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
  void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
  int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
                                    ASN1_OBJECT *policy);
diff --git a/test/crltest.c b/test/crltest.c

index ddcc7853f6e0bc804f3af2bc324055eafec865fe..74db9444cdcc1b2e07b30f5cca04bc09845e2aad 100644 (file)
--- a/test/crltest.c
+++ b/test/crltest.c
@@ -18,6 +18,8 @@
  
  #include "testutil.h"
  
+#define PARAM_TIME 1474934400 /* Sep 27th, 2016 */
+
  static const char *kCRLTestRoot[] = {
      "-----BEGIN CERTIFICATE-----\n",
      "MIIDbzCCAlegAwIBAgIJAODri7v0dDUFMA0GCSqGSIb3DQEBCwUAME4xCzAJBgNV\n",
@@ -252,7 +254,11 @@ static int verify(X509 *leaf, X509 *root, STACK_OF(X509_CRL) *crls,
          goto err;
      X509_STORE_CTX_set0_trusted_stack(ctx, roots);
      X509_STORE_CTX_set0_crls(ctx, crls);
-    X509_VERIFY_PARAM_set_time(param, 1474934400 /* Sep 27th, 2016 */);
+    X509_VERIFY_PARAM_set_time(param, PARAM_TIME);
+    if (X509_VERIFY_PARAM_get_time(param) != PARAM_TIME) {
+        fprintf(stderr, "set_time/get_time mismatch.\n");
+        goto err;
+    }
      X509_VERIFY_PARAM_set_depth(param, 16);
      if (flags)
          X509_VERIFY_PARAM_set_flags(param, flags);
diff --git a/util/libcrypto.num b/util/libcrypto.num

index 19553505afd1b5a2ad2b5a4445481a96e0e3623e..b0de30af0e427b3a9e3cc2e8516c934851c32a8f 100644 (file)
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4212,3 +4212,4 @@ CT_POLICY_EVAL_CTX_get_time             4172      1_1_0d  EXIST::FUNCTION:CT
  CT_POLICY_EVAL_CTX_set_time             4173   1_1_0d  EXIST::FUNCTION:CT
  X509_VERIFY_PARAM_set_inh_flags         4174   1_1_0d  EXIST::FUNCTION:
  X509_VERIFY_PARAM_get_inh_flags         4175   1_1_0d  EXIST::FUNCTION:
+X509_VERIFY_PARAM_get_time              4181   1_1_0d  EXIST::FUNCTION:
author	Rich Salz <rsalz@openssl.org>
	Tue, 10 Jan 2017 21:18:33 +0000 (16:18 -0500)
committer	Rich Salz <rsalz@openssl.org>
	Thu, 12 Jan 2017 15:08:24 +0000 (10:08 -0500)
crypto/x509/x509_vpm.c		patch \| blob \| history
doc/crypto/X509_VERIFY_PARAM_set_flags.pod		patch \| blob \| history
include/openssl/x509_vfy.h		patch \| blob \| history
test/crltest.c		patch \| blob \| history
util/libcrypto.num		patch \| blob \| history