Remove ASN1_time_parse() dependency in tls_conninfo.c

During r2k22 ported some of the missing OpenSSL ASN.1 time API. This is a step towards removing the dependency of libtls on ASN1_time_parse(). The latter grew a dependency on CBS/CBB, and thus the choice is to pull in all this code or to use a no longer maintained version of the API. Both options are unappealing. ok beck
author: tb <> 2023-11-13 10:51:49 +0000
committer: tb <> 2023-11-13 10:51:49 +0000
commit: 7bbf74b4a508718799c37fccc2c2c8708e599b8d (patch)
tree: a11215061d9233c824abf979743586ba21253bd6
parent: 934fbb57cd6b0549754b91dafe57b3f63d754fad (diff)
download: openbsd-7bbf74b4a508718799c37fccc2c2c8708e599b8d.tar.gz
openbsd-7bbf74b4a508718799c37fccc2c2c8708e599b8d.tar.bz2
openbsd-7bbf74b4a508718799c37fccc2c2c8708e599b8d.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libtls/tls_conninfo.c b/src/lib/libtls/tls_conninfo.c
index b2aadab083..90fdfacad3 100644
--- a/src/lib/libtls/tls_conninfo.c
+++ b/src/lib/libtls/tls_conninfo.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_conninfo.c,v 1.23 2023/05/14 07:26:25 op Exp $ */
+/* $OpenBSD: tls_conninfo.c,v 1.24 2023/11/13 10:51:49 tb Exp $ */
 /*
 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2015 Bob Beck <beck@openbsd.org>
@@ -117,9 +117,9 @@ tls_get_peer_cert_times(struct tls *ctx, time_t *notbefore,
                goto err;
        if ((after = X509_get_notAfter(ctx->ssl_peer_cert)) == NULL)
                goto err;
-        if (ASN1_time_parse(before->data, before->length, &before_tm, 0) == -1)
+        if (!ASN1_TIME_to_tm(before, &before_tm))
                goto err;
-        if (ASN1_time_parse(after->data, after->length, &after_tm, 0) == -1)
+        if (!ASN1_TIME_to_tm(after, &after_tm))
                goto err;
        if (!ASN1_time_tm_clamp_notafter(&after_tm))
                goto err;
author	tb <>	2023-11-13 10:51:49 +0000
committer	tb <>	2023-11-13 10:51:49 +0000
commit	7bbf74b4a508718799c37fccc2c2c8708e599b8d (patch)
tree	a11215061d9233c824abf979743586ba21253bd6
parent	934fbb57cd6b0549754b91dafe57b3f63d754fad (diff)
download	openbsd-7bbf74b4a508718799c37fccc2c2c8708e599b8d.tar.gz openbsd-7bbf74b4a508718799c37fccc2c2c8708e599b8d.tar.bz2 openbsd-7bbf74b4a508718799c37fccc2c2c8708e599b8d.zip

diff --git a/src/lib/libtls/tls_conninfo.c b/src/lib/libtls/tls_conninfo.c index b2aadab083..90fdfacad3 100644 --- a/src/lib/libtls/tls_conninfo.c +++ b/src/lib/libtls/tls_conninfo.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls_conninfo.c,v 1.23 2023/05/14 07:26:25 op Exp $ */	1	/* $OpenBSD: tls_conninfo.c,v 1.24 2023/11/13 10:51:49 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2015 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2015 Bob Beck <beck@openbsd.org>	4	* Copyright (c) 2015 Bob Beck <beck@openbsd.org>
@@ -117,9 +117,9 @@ tls_get_peer_cert_times(struct tls ctx, time_t notbefore,
117	goto err;	117	goto err;
118	if ((after = X509_get_notAfter(ctx->ssl_peer_cert)) == NULL)	118	if ((after = X509_get_notAfter(ctx->ssl_peer_cert)) == NULL)
119	goto err;	119	goto err;
120	if (ASN1_time_parse(before->data, before->length, &before_tm, 0) == -1)	120	if (!ASN1_TIME_to_tm(before, &before_tm))
121	goto err;	121	goto err;
122	if (ASN1_time_parse(after->data, after->length, &after_tm, 0) == -1)	122	if (!ASN1_TIME_to_tm(after, &after_tm))
123	goto err;	123	goto err;
124	if (!ASN1_time_tm_clamp_notafter(&after_tm))	124	if (!ASN1_time_tm_clamp_notafter(&after_tm))
125	goto err;	125	goto err;