mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-12-27 00:19:25 -05:00
Merge pull request #1869 from PhenomRetroShare/Fix_OpenSSL1_CreatCertFail
Fix OpenSSL fail to create Cert.
This commit is contained in:
commit
e323bc8573
@ -30,6 +30,7 @@
|
|||||||
#include "pqinetwork.h"
|
#include "pqinetwork.h"
|
||||||
#include "authgpg.h"
|
#include "authgpg.h"
|
||||||
#include "rsitems/rsconfigitems.h"
|
#include "rsitems/rsconfigitems.h"
|
||||||
|
#include "util/rsdebug.h"
|
||||||
#include "util/rsdir.h"
|
#include "util/rsdir.h"
|
||||||
#include "util/rsstring.h"
|
#include "util/rsstring.h"
|
||||||
#include "pgp/pgpkeyutil.h"
|
#include "pgp/pgpkeyutil.h"
|
||||||
@ -804,10 +805,18 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/)
|
|||||||
}
|
}
|
||||||
X509_NAME_free(issuer_name);
|
X509_NAME_free(issuer_name);
|
||||||
|
|
||||||
// NEW code, set validity time between null and null
|
// NEW code, set validity time between 2010 and 2110 (remember to change it when, if OpenSSL check it by default. ;) )
|
||||||
// (does not leak the key creation date to the outside anymore. for more privacy)
|
// (does not leak the key creation date to the outside anymore. for more privacy)
|
||||||
ASN1_TIME_set(X509_get_notBefore(x509), 0);
|
if (!ASN1_TIME_set_string(X509_getm_notBefore(x509), "20100101000000Z"))
|
||||||
ASN1_TIME_set(X509_get_notAfter(x509), 0);
|
{
|
||||||
|
RsErr() << __PRETTY_FUNCTION__ << " Set notBefore FAIL" << std::endl;
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
if (!ASN1_TIME_set_string(X509_getm_notAfter(x509), "21100101000000Z"))
|
||||||
|
{
|
||||||
|
RsErr() << __PRETTY_FUNCTION__ << " Set notAfter FAIL" << std::endl;
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
if (!X509_set_subject_name(x509, X509_REQ_get_subject_name(req)))
|
if (!X509_set_subject_name(x509, X509_REQ_get_subject_name(req)))
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user