diff options
author | Laurent Bercot <ska-skaware@skarnet.org> | 2022-10-07 15:29:40 +0000 |
---|---|---|
committer | Laurent Bercot <ska@appnovation.com> | 2022-10-07 15:29:40 +0000 |
commit | e8d3f9d42c34f268a181661ca4aaedfa066c0a0a (patch) | |
tree | dd6eaaf3499e851f3b96bd9a1b391e14acaabe78 /src/sbearssl/sbearssl_x509_time_check.c | |
parent | d41fef5b74478b36787f387ed3f58099ac19c905 (diff) | |
download | s6-networking-e8d3f9d42c34f268a181661ca4aaedfa066c0a0a.tar.xz |
Add workaround to bearssl regression with BR_FEATURE_X509_TIME_CALLBACK
Signed-off-by: Laurent Bercot <ska@appnovation.com>
Diffstat (limited to 'src/sbearssl/sbearssl_x509_time_check.c')
-rw-r--r-- | src/sbearssl/sbearssl_x509_time_check.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/sbearssl/sbearssl_x509_time_check.c b/src/sbearssl/sbearssl_x509_time_check.c new file mode 100644 index 0000000..83e8072 --- /dev/null +++ b/src/sbearssl/sbearssl_x509_time_check.c @@ -0,0 +1,16 @@ +/* ISC license. */ + +#include <stdint.h> +#include <bearssl.h> + +#include <skalibs/tai.h> + +#include <s6-networking/sbearssl.h> + +int sbearssl_x509_time_check (void *ctx, uint32_t nbd, uint32_t nbs, uint32_t nad, uint32_t nas) +{ + uint32_t days, seconds ; + if (!sbearssl_dayseconds_from_tai(&days, &seconds, (tai *)ctx)) return -2 ; + if (days < nbd || (days == nbd && seconds < nbs)) return -1 ; + return days > nad || (days == nad && seconds > nas) ; +} |