AEgypten bugfix #1220: make sure that (a) negative numbers of days-left-to-expire-of-certificate are reported correctly by using an int instead of a time_t and (b) return the special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE to indicate that no expire date is stored in this certificate

2002-09-03 16:21:34 +00:00 · 2002-09-03 16:21:34 +00:00 · 6a7a934055
commit 6a7a934055
parent 20707b1928
2 changed files with 64 additions and 32 deletions
--- a/gpgmeplug/cryptplug.h
+++ b/gpgmeplug/cryptplug.h
@ -297,6 +297,8 @@ enum {
 typedef unsigned long SigStatusFlags;


+#define CRYPTPLUG_CERT_DOES_NEVER_EXPIRE 365000
+



@ -621,12 +623,18 @@ void setSignatureCertificateExpiryNearWarning( bool );
 */
 bool signatureCertificateExpiryNearWarning( void );

-    /*! \ingroup groupConfigSign
-      \brief Returns the number of days that are left until the
-      specified certificate expires. 
-      \param certificate the certificate to check
-    */
-    int signatureCertificateDaysLeftToExpiry( const char* certificate );
+/*! \ingroup groupConfigSign
+   \brief Returns the number of days that are left until the
+   specified certificate expires.
+   
+   Negative values show how many days ago the certificate DID expire,
+   a zero value means the certificate expires today,
+   special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
+   no expire date stored in this certificate.
+   
+   \param certificate the certificate to check
+*/
+int signatureCertificateDaysLeftToExpiry( const char* certificate );

 /*! \ingroup groupConfigSign
   \brief Specifies the number of days which a signature certificate must
@ -654,12 +662,18 @@ void setCACertificateExpiryNearWarning( bool );
 */
 bool caCertificateExpiryNearWarning( void );

-    /*! \ingroup groupConfigSign
-      \brief Returns the number of days that are left until the
-      CA certificate of the specified certificate expires. 
-      \param certificate the certificate to check
-    */
-    int caCertificateDaysLeftToExpiry( const char* certificate );
+/*! \ingroup groupConfigSign
+  \brief Returns the number of days that are left until the
+  CA certificate of the specified certificate expires. 
+   
+   Negative values show how many days ago the certificate DID expire,
+   a zero value means the certificate expires today,
+   special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
+   no expire date stored in this certificate.
+   
+  \param certificate the certificate to check
+*/
+int caCertificateDaysLeftToExpiry( const char* certificate );

 /*! \ingroup groupConfigSign
   \brief Specifies the number of days which a CA certificate must
@ -687,12 +701,18 @@ void setRootCertificateExpiryNearWarning( bool );
 */
 bool rootCertificateExpiryNearWarning( void );

-    /*! \ingroup groupConfigSign
-      \brief Returns the number of days that are left until the
-      root certificate of the specified certificate expires. 
-      \param certificate the certificate to check
-    */
-    int rootCertificateDaysLeftToExpiry( const char* certificate );
+/*! \ingroup groupConfigSign
+   \brief Returns the number of days that are left until the
+   root certificate of the specified certificate expires. 
+   
+   Negative values show how many days ago the certificate DID expire,
+   a zero value means the certificate expires today,
+   special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
+   no expire date stored in this certificate.
+   
+   \param certificate the certificate to check
+*/
+int rootCertificateDaysLeftToExpiry( const char* certificate );

 /*! \ingroup groupConfigSign
   \brief Specifies the number of days which a root certificate must
@ -863,6 +883,11 @@ bool receiverCertificateExpiryNearWarning( void );
 /*! \ingroup groupConfigCrypt
  \brief Returns the number of days until the specified receiver
  certificate expires.
+   
+   Negative values show how many days ago the certificate DID expire,
+   a zero value means the certificate expires today,
+   special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
+   no expire date stored in this certificate.
 */
 int receiverCertificateDaysLeftToExpiry( const char* certificate );

@ -911,6 +936,11 @@ int certificateInChainExpiryNearWarningInterval( void );
 /*! \ingroup groupConfigCrypt
  \brief Returns the number of days until the first certificate in
  the chain of the receiver certificate expires.
+   
+   Negative values show how many days ago the certificate DID expire,
+   a zero value means the certificate expires today,
+   special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
+   no expire date stored in this certificate.
 */
 int certificateInChainDaysLeftToExpiry( const char* certificate );

--- a/gpgmeplug/gpgmeplug.c
+++ b/gpgmeplug/gpgmeplug.c
@ -545,7 +545,7 @@ int signatureCertificateDaysLeftToExpiry( const char* certificate )
  GpgmeCtx ctx;
  GpgmeError err;
  GpgmeKey rKey;
-  time_t daysLeft = 0;
+  int daysLeft = CRYPTPLUG_CERT_DOES_NEVER_EXPIRE;

  gpgme_new( &ctx );
  gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL );
@ -556,9 +556,14 @@ int signatureCertificateDaysLeftToExpiry( const char* certificate )
    gpgme_op_keylist_end( ctx );
    if ( GPGME_No_Error == err ) {
      time_t expire_time = gpgme_key_get_ulong_attr(
-                             rKey,GPGME_ATTR_EXPIRE, NULL, 0 );
+                             rKey, GPGME_ATTR_EXPIRE, NULL, 0 );
      time_t cur_time = time (NULL);
-      daysLeft = days_from_seconds(expire_time - cur_time);
+      if( cur_time > expire_time ) {
+        daysLeft = days_from_seconds(cur_time - expire_time);
+        daysLeft *= -1;
+      }
+      else
+        daysLeft = days_from_seconds(expire_time - cur_time);
      gpgme_key_release( rKey );
    }
  }
@ -830,7 +835,7 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate )
  GpgmeCtx ctx;
  GpgmeError err;
  GpgmeKey rKey;
-  time_t daysLeft = 0;
+  int daysLeft = CRYPTPLUG_CERT_DOES_NEVER_EXPIRE;

  gpgme_new( &ctx );
  gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL );
@ -843,7 +848,12 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate )
      time_t expire_time = gpgme_key_get_ulong_attr(
                             rKey,GPGME_ATTR_EXPIRE, NULL, 0 );
      time_t cur_time = time (NULL);
-      daysLeft = days_from_seconds(expire_time - cur_time);
+      if( cur_time > expire_time ) {
+        daysLeft = days_from_seconds(cur_time - expire_time);
+        daysLeft *= -1;
+      }
+      else
+        daysLeft = days_from_seconds(expire_time - cur_time);
      gpgme_key_release( rKey );
    }
  }
@ -854,14 +864,6 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate )
  */

  return daysLeft;
-    
-    
-    
-    /* PENDING(g10)
-       Please return the number of days that are left until the
-       certificate specified in the parameter certificate expires.
-    */
-  return 10; /* dummy that triggers a warning in the MUA */
 }


@ -2362,7 +2364,7 @@ importCertificateFromMem( const char* data, size_t length , char** additional_in
  }
  if( count < 1 ) {
    /* we didn't import anything?!? */
-    fprintf( stderr,  "gpgme_op_import_ext did not import any certificate\n", err );    
+    fprintf( stderr,  "gpgme_op_import_ext did not import any certificate\n" );    
    gpgme_data_release( keydata );    
    gpgme_release( ctx );
    return -1; /* FIXME */