Eliminate the timegm(3) dependency in libcrypto

timegm(3) is not available on some operating systems we support in
portable. We currently use musl's implementation, for which gcc-13
decided to emit warnings (which seem incorrect in general and are
irrelevant in this case anyway). Instead of patching this up and
diverge from upstream, we can avoid reports about compiler warnings
by simply not depending on this function.

Rework the caching of notBefore and notAfter by replacing timegm(3)
with asn1_time_tm_to_time_t(3). Also make this API properly error
checkable since at the time x509v3_cache_extensions(3) is called,
nothing is known about the cert, in particular not whether it isn't
malformed one way or the other.

suggested by and ok beck

1 files changed, 27 insertions, 11 deletions

diff --git a/src/lib/libcrypto/x509/x509_verify.c b/src/lib/libcrypto/x509/x509_verify.c
index ca4814d938..c4c89a23b9 100644
--- a/src/lib/libcrypto/x509/x509_verify.c
+++ b/src/lib/libcrypto/x509/x509_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_verify.c,v 1.66 2023/05/07 07:11:50 tb Exp $ */
+/* $OpenBSD: x509_verify.c,v 1.67 2023/11/13 10:33:00 tb Exp $ */
 /*
  * Copyright (c) 2020-2021 Bob Beck <beck@openbsd.org>
  *
@@ -27,6 +27,7 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 
+#include "asn1_local.h"
 #include "x509_internal.h"
 #include "x509_issuer_cache.h"
 
@@ -44,21 +45,22 @@ static void x509_verify_chain_free(struct x509_verify_chain *chain);
  * Parse an asn1 to a representable time_t as per RFC 5280 rules.
  * Returns -1 if that can't be done for any reason.
  */
-time_t
-x509_verify_asn1_time_to_time_t(const ASN1_TIME *atime, int notAfter)
+int
+x509_verify_asn1_time_to_time_t(const ASN1_TIME *atime, int notAfter,
+    time_t *out)
 {
         struct tm tm = { 0 };
         int type;
 
         type = ASN1_time_parse(atime->data, atime->length, &tm, atime->type);
         if (type == -1)
-                return -1;
+                return 0;
 
         /* RFC 5280 section 4.1.2.5 */
         if (tm.tm_year < 150 && type != V_ASN1_UTCTIME)
-                return -1;
+                return 0;
         if (tm.tm_year >= 150 && type != V_ASN1_GENERALIZEDTIME)
-                return -1;
+                return 0;
 
         if (notAfter) {
                 /*
@@ -67,7 +69,7 @@ x509_verify_asn1_time_to_time_t(const ASN1_TIME *atime, int notAfter)
                  * date, limit the date to a 32 bit representable value.
                  */
                 if (!ASN1_time_tm_clamp_notafter(&tm))
-                        return -1;
+                        return 0;
         }
 
         /*
@@ -75,22 +77,36 @@ x509_verify_asn1_time_to_time_t(const ASN1_TIME *atime, int notAfter)
          * a time_t. A time_t must be sane if you care about times after
          * Jan 19 2038.
          */
-        return timegm(&tm);
+        return asn1_time_tm_to_time_t(&tm, out);
 }
 
 /*
  * Cache certificate hash, and values parsed out of an X509.
  * called from cache_extensions()
  */
-void
+int
 x509_verify_cert_info_populate(X509 *cert)
 {
+        const ASN1_TIME *notBefore, *notAfter;
+
         /*
          * Parse and save the cert times, or remember that they
          * are unacceptable/unparsable.
          */
-        cert->not_before = x509_verify_asn1_time_to_time_t(X509_get_notBefore(cert), 0);
-        cert->not_after = x509_verify_asn1_time_to_time_t(X509_get_notAfter(cert), 1);
+
+        cert->not_before = cert->not_after = -1;
+
+        if ((notBefore = X509_get_notBefore(cert)) == NULL)
+                return 0;
+        if ((notAfter = X509_get_notAfter(cert)) == NULL)
+                return 0;
+
+        if (!x509_verify_asn1_time_to_time_t(notBefore, 0, &cert->not_before))
+                return 0;
+        if (!x509_verify_asn1_time_to_time_t(notAfter, 1, &cert->not_after))
+                return 0;
+
+        return 1;
 }
 
 struct x509_verify_chain *