1 files changed, 5 insertions, 27 deletions
diff --git a/src/usr.bin/openssl/ca.c b/src/usr.bin/openssl/ca.c
index 9ed7c59caa..5414a921d4 100644
--- a/src/usr.bin/openssl/ca.c
+++ b/src/usr.bin/openssl/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.24 2017/05/04 12:36:13 beck Exp $ */
+/* $OpenBSD: ca.c,v 1.25 2017/05/08 21:12:36 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -218,37 +218,15 @@ static int msie_hack = 0;
 static int
 setCertificateTime(ASN1_TIME *x509time, char *timestring)
 {
-        struct tm tm1, tm2;
+        struct tm tm1;
-        char *rfctime = timestring;
-        int type;
        memset(&tm1, 0, sizeof(tm1));
-        memset(&tm2, 0, sizeof(tm2));
+        if (ASN1_time_parse(timestring, strlen(timestring), &tm1, 0) == -1)
-        type = ASN1_time_parse(timestring, strlen(timestring), &tm1, 0);
-        if (type == -1) {
                return (-1);
-        }
+        if (!ASN1_TIME_set_tm(x509time, &tm1))
-        /* RFC 5280 section 4.1.2.5 */
-        if (tm1.tm_year < 150 && type != V_ASN1_UTCTIME) {
-                if (strlen(timestring) == 15) {
-                        /* Fix date if possible */
-                        rfctime = timestring + 2;
-                        type = ASN1_time_parse(rfctime, strlen(rfctime),
-                            &tm2, 0);
-                        if (type != V_ASN1_UTCTIME ||
-                            tm1.tm_year != tm2.tm_year)
-                                return (-1);
-                } else
-                        return (-1);
-        }
-        if (tm1.tm_year >= 150 && type != V_ASN1_GENERALIZEDTIME)
                return (-1);
-        ASN1_TIME_set_string(x509time, rfctime);
+        return 0;
-        return (0);
 }
 int
 ca_main(int argc, char **argv)
 {

diff --git a/src/usr.bin/openssl/ca.c b/src/usr.bin/openssl/ca.c index 9ed7c59caa..5414a921d4 100644 --- a/src/usr.bin/openssl/ca.c +++ b/src/usr.bin/openssl/ca.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ca.c,v 1.24 2017/05/04 12:36:13 beck Exp $ */	1	/* $OpenBSD: ca.c,v 1.25 2017/05/08 21:12:36 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -218,37 +218,15 @@ static int msie_hack = 0;
218	static int	218	static int
219	setCertificateTime(ASN1_TIME x509time, char timestring)	219	setCertificateTime(ASN1_TIME x509time, char timestring)
220	{	220	{
221	struct tm tm1, tm2;	221	struct tm tm1;
222	char *rfctime = timestring;
223	int type;
224
225	memset(&tm1, 0, sizeof(tm1));	222	memset(&tm1, 0, sizeof(tm1));
226	memset(&tm2, 0, sizeof(tm2));	223	if (ASN1_time_parse(timestring, strlen(timestring), &tm1, 0) == -1)
227	type = ASN1_time_parse(timestring, strlen(timestring), &tm1, 0);
228	if (type == -1) {
229	return (-1);	224	return (-1);
230	}	225	if (!ASN1_TIME_set_tm(x509time, &tm1))
231
232	/* RFC 5280 section 4.1.2.5 */
233	if (tm1.tm_year < 150 && type != V_ASN1_UTCTIME) {
234	if (strlen(timestring) == 15) {
235	/* Fix date if possible */
236	rfctime = timestring + 2;
237	type = ASN1_time_parse(rfctime, strlen(rfctime),
238	&tm2, 0);
239	if (type != V_ASN1_UTCTIME \|\|
240	tm1.tm_year != tm2.tm_year)
241	return (-1);
242	} else
243	return (-1);
244	}
245	if (tm1.tm_year >= 150 && type != V_ASN1_GENERALIZEDTIME)
246	return (-1);	226	return (-1);
247	ASN1_TIME_set_string(x509time, rfctime);	227	return 0;
248	return (0);
249	}	228	}
250		229
251
252	int	230	int
253	ca_main(int argc, char **argv)	231	ca_main(int argc, char **argv)
254	{	232	{