AEgypten bugfix #1220: make sure that (a) negative numbers of days-left-to-expire-of-certificate are reported correctly by using an int instead of a time_t and (b) return the special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE to indicate that no expire date is stored in this certificate
This commit is contained in:
parent
20707b1928
commit
6a7a934055
@ -297,6 +297,8 @@ enum {
|
|||||||
typedef unsigned long SigStatusFlags;
|
typedef unsigned long SigStatusFlags;
|
||||||
|
|
||||||
|
|
||||||
|
#define CRYPTPLUG_CERT_DOES_NEVER_EXPIRE 365000
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -621,12 +623,18 @@ void setSignatureCertificateExpiryNearWarning( bool );
|
|||||||
*/
|
*/
|
||||||
bool signatureCertificateExpiryNearWarning( void );
|
bool signatureCertificateExpiryNearWarning( void );
|
||||||
|
|
||||||
/*! \ingroup groupConfigSign
|
/*! \ingroup groupConfigSign
|
||||||
\brief Returns the number of days that are left until the
|
\brief Returns the number of days that are left until the
|
||||||
specified certificate expires.
|
specified certificate expires.
|
||||||
\param certificate the certificate to check
|
|
||||||
*/
|
Negative values show how many days ago the certificate DID expire,
|
||||||
int signatureCertificateDaysLeftToExpiry( const char* certificate );
|
a zero value means the certificate expires today,
|
||||||
|
special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
|
||||||
|
no expire date stored in this certificate.
|
||||||
|
|
||||||
|
\param certificate the certificate to check
|
||||||
|
*/
|
||||||
|
int signatureCertificateDaysLeftToExpiry( const char* certificate );
|
||||||
|
|
||||||
/*! \ingroup groupConfigSign
|
/*! \ingroup groupConfigSign
|
||||||
\brief Specifies the number of days which a signature certificate must
|
\brief Specifies the number of days which a signature certificate must
|
||||||
@ -654,12 +662,18 @@ void setCACertificateExpiryNearWarning( bool );
|
|||||||
*/
|
*/
|
||||||
bool caCertificateExpiryNearWarning( void );
|
bool caCertificateExpiryNearWarning( void );
|
||||||
|
|
||||||
/*! \ingroup groupConfigSign
|
/*! \ingroup groupConfigSign
|
||||||
\brief Returns the number of days that are left until the
|
\brief Returns the number of days that are left until the
|
||||||
CA certificate of the specified certificate expires.
|
CA certificate of the specified certificate expires.
|
||||||
\param certificate the certificate to check
|
|
||||||
*/
|
Negative values show how many days ago the certificate DID expire,
|
||||||
int caCertificateDaysLeftToExpiry( const char* certificate );
|
a zero value means the certificate expires today,
|
||||||
|
special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
|
||||||
|
no expire date stored in this certificate.
|
||||||
|
|
||||||
|
\param certificate the certificate to check
|
||||||
|
*/
|
||||||
|
int caCertificateDaysLeftToExpiry( const char* certificate );
|
||||||
|
|
||||||
/*! \ingroup groupConfigSign
|
/*! \ingroup groupConfigSign
|
||||||
\brief Specifies the number of days which a CA certificate must
|
\brief Specifies the number of days which a CA certificate must
|
||||||
@ -687,12 +701,18 @@ void setRootCertificateExpiryNearWarning( bool );
|
|||||||
*/
|
*/
|
||||||
bool rootCertificateExpiryNearWarning( void );
|
bool rootCertificateExpiryNearWarning( void );
|
||||||
|
|
||||||
/*! \ingroup groupConfigSign
|
/*! \ingroup groupConfigSign
|
||||||
\brief Returns the number of days that are left until the
|
\brief Returns the number of days that are left until the
|
||||||
root certificate of the specified certificate expires.
|
root certificate of the specified certificate expires.
|
||||||
\param certificate the certificate to check
|
|
||||||
*/
|
Negative values show how many days ago the certificate DID expire,
|
||||||
int rootCertificateDaysLeftToExpiry( const char* certificate );
|
a zero value means the certificate expires today,
|
||||||
|
special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
|
||||||
|
no expire date stored in this certificate.
|
||||||
|
|
||||||
|
\param certificate the certificate to check
|
||||||
|
*/
|
||||||
|
int rootCertificateDaysLeftToExpiry( const char* certificate );
|
||||||
|
|
||||||
/*! \ingroup groupConfigSign
|
/*! \ingroup groupConfigSign
|
||||||
\brief Specifies the number of days which a root certificate must
|
\brief Specifies the number of days which a root certificate must
|
||||||
@ -863,6 +883,11 @@ bool receiverCertificateExpiryNearWarning( void );
|
|||||||
/*! \ingroup groupConfigCrypt
|
/*! \ingroup groupConfigCrypt
|
||||||
\brief Returns the number of days until the specified receiver
|
\brief Returns the number of days until the specified receiver
|
||||||
certificate expires.
|
certificate expires.
|
||||||
|
|
||||||
|
Negative values show how many days ago the certificate DID expire,
|
||||||
|
a zero value means the certificate expires today,
|
||||||
|
special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
|
||||||
|
no expire date stored in this certificate.
|
||||||
*/
|
*/
|
||||||
int receiverCertificateDaysLeftToExpiry( const char* certificate );
|
int receiverCertificateDaysLeftToExpiry( const char* certificate );
|
||||||
|
|
||||||
@ -911,6 +936,11 @@ int certificateInChainExpiryNearWarningInterval( void );
|
|||||||
/*! \ingroup groupConfigCrypt
|
/*! \ingroup groupConfigCrypt
|
||||||
\brief Returns the number of days until the first certificate in
|
\brief Returns the number of days until the first certificate in
|
||||||
the chain of the receiver certificate expires.
|
the chain of the receiver certificate expires.
|
||||||
|
|
||||||
|
Negative values show how many days ago the certificate DID expire,
|
||||||
|
a zero value means the certificate expires today,
|
||||||
|
special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
|
||||||
|
no expire date stored in this certificate.
|
||||||
*/
|
*/
|
||||||
int certificateInChainDaysLeftToExpiry( const char* certificate );
|
int certificateInChainDaysLeftToExpiry( const char* certificate );
|
||||||
|
|
||||||
|
@ -545,7 +545,7 @@ int signatureCertificateDaysLeftToExpiry( const char* certificate )
|
|||||||
GpgmeCtx ctx;
|
GpgmeCtx ctx;
|
||||||
GpgmeError err;
|
GpgmeError err;
|
||||||
GpgmeKey rKey;
|
GpgmeKey rKey;
|
||||||
time_t daysLeft = 0;
|
int daysLeft = CRYPTPLUG_CERT_DOES_NEVER_EXPIRE;
|
||||||
|
|
||||||
gpgme_new( &ctx );
|
gpgme_new( &ctx );
|
||||||
gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL );
|
gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL );
|
||||||
@ -556,9 +556,14 @@ int signatureCertificateDaysLeftToExpiry( const char* certificate )
|
|||||||
gpgme_op_keylist_end( ctx );
|
gpgme_op_keylist_end( ctx );
|
||||||
if ( GPGME_No_Error == err ) {
|
if ( GPGME_No_Error == err ) {
|
||||||
time_t expire_time = gpgme_key_get_ulong_attr(
|
time_t expire_time = gpgme_key_get_ulong_attr(
|
||||||
rKey,GPGME_ATTR_EXPIRE, NULL, 0 );
|
rKey, GPGME_ATTR_EXPIRE, NULL, 0 );
|
||||||
time_t cur_time = time (NULL);
|
time_t cur_time = time (NULL);
|
||||||
daysLeft = days_from_seconds(expire_time - cur_time);
|
if( cur_time > expire_time ) {
|
||||||
|
daysLeft = days_from_seconds(cur_time - expire_time);
|
||||||
|
daysLeft *= -1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
daysLeft = days_from_seconds(expire_time - cur_time);
|
||||||
gpgme_key_release( rKey );
|
gpgme_key_release( rKey );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -830,7 +835,7 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate )
|
|||||||
GpgmeCtx ctx;
|
GpgmeCtx ctx;
|
||||||
GpgmeError err;
|
GpgmeError err;
|
||||||
GpgmeKey rKey;
|
GpgmeKey rKey;
|
||||||
time_t daysLeft = 0;
|
int daysLeft = CRYPTPLUG_CERT_DOES_NEVER_EXPIRE;
|
||||||
|
|
||||||
gpgme_new( &ctx );
|
gpgme_new( &ctx );
|
||||||
gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL );
|
gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL );
|
||||||
@ -843,7 +848,12 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate )
|
|||||||
time_t expire_time = gpgme_key_get_ulong_attr(
|
time_t expire_time = gpgme_key_get_ulong_attr(
|
||||||
rKey,GPGME_ATTR_EXPIRE, NULL, 0 );
|
rKey,GPGME_ATTR_EXPIRE, NULL, 0 );
|
||||||
time_t cur_time = time (NULL);
|
time_t cur_time = time (NULL);
|
||||||
daysLeft = days_from_seconds(expire_time - cur_time);
|
if( cur_time > expire_time ) {
|
||||||
|
daysLeft = days_from_seconds(cur_time - expire_time);
|
||||||
|
daysLeft *= -1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
daysLeft = days_from_seconds(expire_time - cur_time);
|
||||||
gpgme_key_release( rKey );
|
gpgme_key_release( rKey );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -854,14 +864,6 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate )
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
return daysLeft;
|
return daysLeft;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* PENDING(g10)
|
|
||||||
Please return the number of days that are left until the
|
|
||||||
certificate specified in the parameter certificate expires.
|
|
||||||
*/
|
|
||||||
return 10; /* dummy that triggers a warning in the MUA */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -2362,7 +2364,7 @@ importCertificateFromMem( const char* data, size_t length , char** additional_in
|
|||||||
}
|
}
|
||||||
if( count < 1 ) {
|
if( count < 1 ) {
|
||||||
/* we didn't import anything?!? */
|
/* we didn't import anything?!? */
|
||||||
fprintf( stderr, "gpgme_op_import_ext did not import any certificate\n", err );
|
fprintf( stderr, "gpgme_op_import_ext did not import any certificate\n" );
|
||||||
gpgme_data_release( keydata );
|
gpgme_data_release( keydata );
|
||||||
gpgme_release( ctx );
|
gpgme_release( ctx );
|
||||||
return -1; /* FIXME */
|
return -1; /* FIXME */
|
||||||
|
Loading…
Reference in New Issue
Block a user