In function X509_cmp_time file X509_vfy.c
Existing code for handling offset on validity time:
if (*str == 'Z')
offset=0;
else
{
printf("*str != Z is %c\n",*str);
if ((*str != '+') && (str[5] != '-'))
return 0;
offset=((str[1]-'0')*10+(str[2]-'0'))*60;
offset+=(str[3]-'0')*10+(str[4]-'0');
if (*str == '-')
offset= -offset;
}
Should be:
if (*str == 'Z')
offset=0;
else
{
printf("*str != Z is %c\n",*str);
if ((*str != '+') && (*str != '-'))
return 0;
offset=((str[1]-'0')*10+(str[2]-'0'))*60;
offset+=(str[3]-'0')*10+(str[4]-'0');
if (*str == '-')
offset= -offset;
}
The existing code will accept
"050603014800+1800", but not "050603014800-0600"
> Jim Heit
> Enterprise Server Communications Engineering
> UNISYS Central Development Laboratory
> Roseville, MN USA
> +1(651)635-3169 Net2 524-3169
> Fax +1(651)635-5260 Net2 524-5260
> Reply to: [EMAIL PROTECTED]
>
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
