On 04/26/2017 04:29 PM, John Magne wrote:
CA in the certificate profiles the startTime parameter is not working as
expected.
This simple fix addresses an overflow in the "startTime" paramenter in 4 places in the code. I felt that honing in only on the startTime value was the best way to go. In some of the files other than ValidityDefault.java, there were possibly some values that could be changed from int to long. Due to the complexity of some of the calculations involved in some of those cases, it is best to fix the exact issue at hand instead of introducing some other possible side effects.
Tested with a simple enrollment in the caUserCert profile by setting the
startTime constraint to the offending value listed in the ticket/bug. The
correct start time 30 days in the future was calculated and made part of the
cert.
Issue:
https://pagure.io/dogtagpki/issue/2520
_______________________________________________
Pki-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/pki-devel
Tested this out, and agree that limiting this to simply "startTime" was
the right decision.
ACK
_______________________________________________
Pki-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/pki-devel
