On Mon, May 10, 1999 at 01:39:43PM +0200, Massimiliano Pala wrote:
Hi Massimiliano !
> Lars Weber wrote:
>
> I had to move the whole if(updatedb) ... to upper level actually avoiding the
> password request ( thus removing your if(updatedb = 0 ) on the certificate
> loading stage). I actually get errors when lounching the -updatedb because a
> newly issued certificate with the following entry in db gets the 'Expired'
> flag set (while it shouldn't). Here it is:
>
> V 000509111506Z 01 unknown
>/C=IT/O=OpenCA/OU=Developer/CN=Massimiliano
> [EMAIL PROTECTED]
> Do you have some ideas ? Anyway I post the ca.diff patch (use patch -p1 ca.c ca.diff)
> so we ca work toghether to the problem.
jfi:
I have seen you already got it. I have missed an "!" in an wrapping if-clause:
> + if ( strncmp( rrow[DB_exp_date], "49", 2 ) <= 0 )
> + db_y2k = 1;
> + else
> + db_y2k = 0;
> + if ( db_y2k > a_y2k ) /* db > a => cert is valid */
Last line should be
> + if ( ! (db_y2k > a_y2k) ) /* db > a => cert is valid */
Sorry for the irritation and thanks for support !
Ciao,
Lars <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]