diff options
| -rw-r--r-- | src/openssl.c | 34 |
1 files changed, 25 insertions, 9 deletions
diff --git a/src/openssl.c b/src/openssl.c index 9561617..c3ab69f 100644 --- a/src/openssl.c +++ b/src/openssl.c | |||
| @@ -350,6 +350,14 @@ | |||
| 350 | #define HAVE_STACK_OPENSSL_STRING_FUNCS (OPENSSL_PREREQ(1,0,0) || LIBRESSL_PREREQ(2,0,0)) | 350 | #define HAVE_STACK_OPENSSL_STRING_FUNCS (OPENSSL_PREREQ(1,0,0) || LIBRESSL_PREREQ(2,0,0)) |
| 351 | #endif | 351 | #endif |
| 352 | 352 | ||
| 353 | #ifndef HAVE_X509_CRL_GET0_LASTUPDATE | ||
| 354 | #define HAVE_X509_CRL_GET0_LASTUPDATE OPENSSL_PREREQ(1,1,0) | ||
| 355 | #endif | ||
| 356 | |||
| 357 | #ifndef HAVE_X509_CRL_GET0_NEXTUPDATE | ||
| 358 | #define HAVE_X509_CRL_GET0_NEXTUPDATE OPENSSL_PREREQ(1,1,0) | ||
| 359 | #endif | ||
| 360 | |||
| 353 | #ifndef HAVE_X509_GET_SIGNATURE_NID | 361 | #ifndef HAVE_X509_GET_SIGNATURE_NID |
| 354 | #define HAVE_X509_GET_SIGNATURE_NID OPENSSL_PREREQ(1,0,2) | 362 | #define HAVE_X509_GET_SIGNATURE_NID OPENSSL_PREREQ(1,0,2) |
| 355 | #endif | 363 | #endif |
| @@ -1753,6 +1761,14 @@ static int compat_SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm) { | |||
| 1753 | #define X509_CRL_get0_ext(crt, i) X509_CRL_get_ext((crt), (i)) | 1761 | #define X509_CRL_get0_ext(crt, i) X509_CRL_get_ext((crt), (i)) |
| 1754 | #endif | 1762 | #endif |
| 1755 | 1763 | ||
| 1764 | #if !HAVE_X509_CRL_GET0_LASTUPDATE | ||
| 1765 | #define X509_CRL_get0_lastUpdate(crl) ((const ASN1_TIME*)X509_CRL_get_lastUpdate(crl)) | ||
| 1766 | #endif | ||
| 1767 | |||
| 1768 | #if !HAVE_X509_CRL_GET0_NEXTUPDATE | ||
| 1769 | #define X509_CRL_get0_nextUpdate(crl) ((const ASN1_TIME*)X509_CRL_get_nextUpdate(crl)) | ||
| 1770 | #endif | ||
| 1771 | |||
| 1756 | #if !HAVE_X509_EXTENSION_GET0_OBJECT | 1772 | #if !HAVE_X509_EXTENSION_GET0_OBJECT |
| 1757 | #define X509_EXTENSION_get0_object(ext) X509_EXTENSION_get_object((ext)) | 1773 | #define X509_EXTENSION_get0_object(ext) X509_EXTENSION_get_object((ext)) |
| 1758 | #endif | 1774 | #endif |
| @@ -5637,17 +5653,17 @@ static _Bool scan(int *i, char **cp, int n, int signok) { | |||
| 5637 | } /* scan() */ | 5653 | } /* scan() */ |
| 5638 | 5654 | ||
| 5639 | 5655 | ||
| 5640 | static double timeutc(ASN1_TIME *time) { | 5656 | static double timeutc(const ASN1_TIME *time) { |
| 5641 | char buf[32] = "", *cp; | 5657 | char buf[32] = "", *cp; |
| 5642 | struct tm tm = { 0 }; | 5658 | struct tm tm = { 0 }; |
| 5643 | int gmtoff = 0, year, i; | 5659 | int gmtoff = 0, year, i; |
| 5644 | 5660 | ||
| 5645 | if (!ASN1_TIME_check(time)) | 5661 | if (!ASN1_TIME_check((ASN1_STRING *)time)) |
| 5646 | return 0; | 5662 | return 0; |
| 5647 | 5663 | ||
| 5648 | cp = strncpy(buf, (const char *)ASN1_STRING_get0_data((ASN1_STRING *)time), sizeof buf - 1); | 5664 | cp = strncpy(buf, (const char *)ASN1_STRING_get0_data((ASN1_STRING *)time), sizeof buf - 1); |
| 5649 | 5665 | ||
| 5650 | if (ASN1_STRING_type(time) == V_ASN1_GENERALIZEDTIME) { | 5666 | if (ASN1_STRING_type((ASN1_STRING *)time) == V_ASN1_GENERALIZEDTIME) { |
| 5651 | if (!scan(&year, &cp, 4, 1)) | 5667 | if (!scan(&year, &cp, 4, 1)) |
| 5652 | goto badfmt; | 5668 | goto badfmt; |
| 5653 | } else { | 5669 | } else { |
| @@ -5709,7 +5725,7 @@ badfmt: | |||
| 5709 | static int xc_getLifetime(lua_State *L) { | 5725 | static int xc_getLifetime(lua_State *L) { |
| 5710 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); | 5726 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); |
| 5711 | double begin = INFINITY, end = INFINITY; | 5727 | double begin = INFINITY, end = INFINITY; |
| 5712 | ASN1_TIME *time; | 5728 | const ASN1_TIME *time; |
| 5713 | 5729 | ||
| 5714 | if ((time = X509_get_notBefore(crt))) | 5730 | if ((time = X509_get_notBefore(crt))) |
| 5715 | begin = timeutc(time); | 5731 | begin = timeutc(time); |
| @@ -6838,9 +6854,9 @@ static int xx_setVersion(lua_State *L) { | |||
| 6838 | static int xx_getLastUpdate(lua_State *L) { | 6854 | static int xx_getLastUpdate(lua_State *L) { |
| 6839 | X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS); | 6855 | X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS); |
| 6840 | double updated = INFINITY; | 6856 | double updated = INFINITY; |
| 6841 | ASN1_TIME *time; | 6857 | const ASN1_TIME *time; |
| 6842 | 6858 | ||
| 6843 | if ((time = X509_CRL_get_lastUpdate(crl))) | 6859 | if ((time = X509_CRL_get0_lastUpdate(crl))) |
| 6844 | updated = timeutc(time); | 6860 | updated = timeutc(time); |
| 6845 | 6861 | ||
| 6846 | if (isfinite(updated)) | 6862 | if (isfinite(updated)) |
| @@ -6869,9 +6885,9 @@ static int xx_setLastUpdate(lua_State *L) { | |||
| 6869 | static int xx_getNextUpdate(lua_State *L) { | 6885 | static int xx_getNextUpdate(lua_State *L) { |
| 6870 | X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS); | 6886 | X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS); |
| 6871 | double updateby = INFINITY; | 6887 | double updateby = INFINITY; |
| 6872 | ASN1_TIME *time; | 6888 | const ASN1_TIME *time; |
| 6873 | 6889 | ||
| 6874 | if ((time = X509_CRL_get_nextUpdate(crl))) | 6890 | if ((time = X509_CRL_get0_nextUpdate(crl))) |
| 6875 | updateby = timeutc(time); | 6891 | updateby = timeutc(time); |
| 6876 | 6892 | ||
| 6877 | if (isfinite(updateby)) | 6893 | if (isfinite(updateby)) |
| @@ -6888,7 +6904,7 @@ static int xx_setNextUpdate(lua_State *L) { | |||
| 6888 | double updateby = luaL_checknumber(L, 2); | 6904 | double updateby = luaL_checknumber(L, 2); |
| 6889 | ASN1_TIME *time = NULL; | 6905 | ASN1_TIME *time = NULL; |
| 6890 | 6906 | ||
| 6891 | if (X509_CRL_get_nextUpdate(crl)) { | 6907 | if (X509_CRL_get0_nextUpdate(crl)) { |
| 6892 | if (!ASN1_TIME_set(X509_CRL_get_nextUpdate(crl), updateby)) | 6908 | if (!ASN1_TIME_set(X509_CRL_get_nextUpdate(crl), updateby)) |
| 6893 | goto error; | 6909 | goto error; |
| 6894 | } else { | 6910 | } else { |