make public ASN1_time_parse and ASN1_time_tm_cmp to replace former hidden

functions.. document with a man page.
bump majors on libtls, libssl, libcrypto
ok jsing@ guenther@

4 files changed, 7 insertions, 10 deletions

diff --git a/src/lib/libtls/shlib_version b/src/lib/libtls/shlib_version
index faa53892ba..56246d02b2 100644
--- a/src/lib/libtls/shlib_version
+++ b/src/lib/libtls/shlib_version
@@ -1,2 +1,2 @@
-major=11
-minor=6
+major=12
+minor=0
diff --git a/src/lib/libtls/tls_conninfo.c b/src/lib/libtls/tls_conninfo.c
index 5882a19cee..1bf4b2285b 100644
--- a/src/lib/libtls/tls_conninfo.c
+++ b/src/lib/libtls/tls_conninfo.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_conninfo.c,v 1.11 2016/08/22 17:12:35 jsing Exp $ */
+/* $OpenBSD: tls_conninfo.c,v 1.12 2016/11/04 18:07:24 beck Exp $ */
 /*
  * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2015 Bob Beck <beck@openbsd.org>
@@ -136,9 +136,9 @@ tls_get_peer_cert_times(struct tls *ctx, time_t *notbefore,
                 goto err;
         if ((after = X509_get_notAfter(ctx->ssl_peer_cert)) == NULL)
                 goto err;
-        if (asn1_time_parse(before->data, before->length, &before_tm, 0) == -1)
+        if (ASN1_time_parse(before->data, before->length, &before_tm, 0) == -1)
                 goto err;
-        if (asn1_time_parse(after->data, after->length, &after_tm, 0) == -1)
+        if (ASN1_time_parse(after->data, after->length, &after_tm, 0) == -1)
                 goto err;
         if ((*notbefore = timegm(&before_tm)) == -1)
                 goto err;
diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h
index 0112ceedb9..7b07c96c86 100644
--- a/src/lib/libtls/tls_internal.h
+++ b/src/lib/libtls/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.46 2016/11/04 05:13:13 beck Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.47 2016/11/04 18:07:24 beck Exp $ */
 /*
  * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
@@ -209,6 +209,4 @@ int tls_ocsp_verify_cb(SSL *ssl, void *arg);
 void tls_ocsp_ctx_free(struct tls_ocsp_ctx *ctx);
 struct tls_ocsp_ctx *tls_ocsp_setup_from_peer(struct tls *ctx);
 
-int asn1_time_parse(const char *, size_t, struct tm *, int);
-
 #endif /* HEADER_TLS_INTERNAL_H */
diff --git a/src/lib/libtls/tls_ocsp.c b/src/lib/libtls/tls_ocsp.c
index af65771f7c..52e90364a7 100644
--- a/src/lib/libtls/tls_ocsp.c
+++ b/src/lib/libtls/tls_ocsp.c
@@ -63,7 +63,7 @@ tls_ocsp_asn1_parse_time(struct tls *ctx, ASN1_GENERALIZEDTIME *gt, time_t *gt_t
         if (gt == NULL)
                 return -1;
         /* RFC 6960 specifies that all times in OCSP must be GENERALIZEDTIME */
-        if (asn1_time_parse(gt->data, gt->length, &tm,
+        if (ASN1_time_parse(gt->data, gt->length, &tm,
                 V_ASN1_GENERALIZEDTIME) == -1)
                 return -1;
         if ((*gt_time = timegm(&tm)) == -1)
@@ -258,7 +258,6 @@ tls_ocsp_verify_response(struct tls *ctx, OCSP_RESPONSE *resp)
                                OCSP_crl_reason_str(crl_reason));
                 goto error;
         }
-
         ret = 0;
 
  error: