AEgypten bugfix #1220: make sure that (a) negative numbers of days-left-to-expire-of-certificate are reported correctly by using an int instead of a time_t and (b) return the special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE to indicate that no expire date is stored in this certificate

This commit is contained in:
Karl-Heinz Zimmer 2002-09-03 16:21:34 +00:00
parent 20707b1928
commit 6a7a934055
2 changed files with 64 additions and 32 deletions

View File

@ -297,6 +297,8 @@ enum {
typedef unsigned long SigStatusFlags; typedef unsigned long SigStatusFlags;
#define CRYPTPLUG_CERT_DOES_NEVER_EXPIRE 365000
@ -621,12 +623,18 @@ void setSignatureCertificateExpiryNearWarning( bool );
*/ */
bool signatureCertificateExpiryNearWarning( void ); bool signatureCertificateExpiryNearWarning( void );
/*! \ingroup groupConfigSign /*! \ingroup groupConfigSign
\brief Returns the number of days that are left until the \brief Returns the number of days that are left until the
specified certificate expires. specified certificate expires.
\param certificate the certificate to check
*/ Negative values show how many days ago the certificate DID expire,
int signatureCertificateDaysLeftToExpiry( const char* certificate ); a zero value means the certificate expires today,
special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
no expire date stored in this certificate.
\param certificate the certificate to check
*/
int signatureCertificateDaysLeftToExpiry( const char* certificate );
/*! \ingroup groupConfigSign /*! \ingroup groupConfigSign
\brief Specifies the number of days which a signature certificate must \brief Specifies the number of days which a signature certificate must
@ -654,12 +662,18 @@ void setCACertificateExpiryNearWarning( bool );
*/ */
bool caCertificateExpiryNearWarning( void ); bool caCertificateExpiryNearWarning( void );
/*! \ingroup groupConfigSign /*! \ingroup groupConfigSign
\brief Returns the number of days that are left until the \brief Returns the number of days that are left until the
CA certificate of the specified certificate expires. CA certificate of the specified certificate expires.
\param certificate the certificate to check
*/ Negative values show how many days ago the certificate DID expire,
int caCertificateDaysLeftToExpiry( const char* certificate ); a zero value means the certificate expires today,
special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
no expire date stored in this certificate.
\param certificate the certificate to check
*/
int caCertificateDaysLeftToExpiry( const char* certificate );
/*! \ingroup groupConfigSign /*! \ingroup groupConfigSign
\brief Specifies the number of days which a CA certificate must \brief Specifies the number of days which a CA certificate must
@ -687,12 +701,18 @@ void setRootCertificateExpiryNearWarning( bool );
*/ */
bool rootCertificateExpiryNearWarning( void ); bool rootCertificateExpiryNearWarning( void );
/*! \ingroup groupConfigSign /*! \ingroup groupConfigSign
\brief Returns the number of days that are left until the \brief Returns the number of days that are left until the
root certificate of the specified certificate expires. root certificate of the specified certificate expires.
\param certificate the certificate to check
*/ Negative values show how many days ago the certificate DID expire,
int rootCertificateDaysLeftToExpiry( const char* certificate ); a zero value means the certificate expires today,
special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
no expire date stored in this certificate.
\param certificate the certificate to check
*/
int rootCertificateDaysLeftToExpiry( const char* certificate );
/*! \ingroup groupConfigSign /*! \ingroup groupConfigSign
\brief Specifies the number of days which a root certificate must \brief Specifies the number of days which a root certificate must
@ -863,6 +883,11 @@ bool receiverCertificateExpiryNearWarning( void );
/*! \ingroup groupConfigCrypt /*! \ingroup groupConfigCrypt
\brief Returns the number of days until the specified receiver \brief Returns the number of days until the specified receiver
certificate expires. certificate expires.
Negative values show how many days ago the certificate DID expire,
a zero value means the certificate expires today,
special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
no expire date stored in this certificate.
*/ */
int receiverCertificateDaysLeftToExpiry( const char* certificate ); int receiverCertificateDaysLeftToExpiry( const char* certificate );
@ -911,6 +936,11 @@ int certificateInChainExpiryNearWarningInterval( void );
/*! \ingroup groupConfigCrypt /*! \ingroup groupConfigCrypt
\brief Returns the number of days until the first certificate in \brief Returns the number of days until the first certificate in
the chain of the receiver certificate expires. the chain of the receiver certificate expires.
Negative values show how many days ago the certificate DID expire,
a zero value means the certificate expires today,
special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is
no expire date stored in this certificate.
*/ */
int certificateInChainDaysLeftToExpiry( const char* certificate ); int certificateInChainDaysLeftToExpiry( const char* certificate );

View File

@ -545,7 +545,7 @@ int signatureCertificateDaysLeftToExpiry( const char* certificate )
GpgmeCtx ctx; GpgmeCtx ctx;
GpgmeError err; GpgmeError err;
GpgmeKey rKey; GpgmeKey rKey;
time_t daysLeft = 0; int daysLeft = CRYPTPLUG_CERT_DOES_NEVER_EXPIRE;
gpgme_new( &ctx ); gpgme_new( &ctx );
gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL ); gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL );
@ -556,9 +556,14 @@ int signatureCertificateDaysLeftToExpiry( const char* certificate )
gpgme_op_keylist_end( ctx ); gpgme_op_keylist_end( ctx );
if ( GPGME_No_Error == err ) { if ( GPGME_No_Error == err ) {
time_t expire_time = gpgme_key_get_ulong_attr( time_t expire_time = gpgme_key_get_ulong_attr(
rKey,GPGME_ATTR_EXPIRE, NULL, 0 ); rKey, GPGME_ATTR_EXPIRE, NULL, 0 );
time_t cur_time = time (NULL); time_t cur_time = time (NULL);
daysLeft = days_from_seconds(expire_time - cur_time); if( cur_time > expire_time ) {
daysLeft = days_from_seconds(cur_time - expire_time);
daysLeft *= -1;
}
else
daysLeft = days_from_seconds(expire_time - cur_time);
gpgme_key_release( rKey ); gpgme_key_release( rKey );
} }
} }
@ -830,7 +835,7 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate )
GpgmeCtx ctx; GpgmeCtx ctx;
GpgmeError err; GpgmeError err;
GpgmeKey rKey; GpgmeKey rKey;
time_t daysLeft = 0; int daysLeft = CRYPTPLUG_CERT_DOES_NEVER_EXPIRE;
gpgme_new( &ctx ); gpgme_new( &ctx );
gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL ); gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL );
@ -843,7 +848,12 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate )
time_t expire_time = gpgme_key_get_ulong_attr( time_t expire_time = gpgme_key_get_ulong_attr(
rKey,GPGME_ATTR_EXPIRE, NULL, 0 ); rKey,GPGME_ATTR_EXPIRE, NULL, 0 );
time_t cur_time = time (NULL); time_t cur_time = time (NULL);
daysLeft = days_from_seconds(expire_time - cur_time); if( cur_time > expire_time ) {
daysLeft = days_from_seconds(cur_time - expire_time);
daysLeft *= -1;
}
else
daysLeft = days_from_seconds(expire_time - cur_time);
gpgme_key_release( rKey ); gpgme_key_release( rKey );
} }
} }
@ -854,14 +864,6 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate )
*/ */
return daysLeft; return daysLeft;
/* PENDING(g10)
Please return the number of days that are left until the
certificate specified in the parameter certificate expires.
*/
return 10; /* dummy that triggers a warning in the MUA */
} }
@ -2362,7 +2364,7 @@ importCertificateFromMem( const char* data, size_t length , char** additional_in
} }
if( count < 1 ) { if( count < 1 ) {
/* we didn't import anything?!? */ /* we didn't import anything?!? */
fprintf( stderr, "gpgme_op_import_ext did not import any certificate\n", err ); fprintf( stderr, "gpgme_op_import_ext did not import any certificate\n" );
gpgme_data_release( keydata ); gpgme_data_release( keydata );
gpgme_release( ctx ); gpgme_release( ctx );
return -1; /* FIXME */ return -1; /* FIXME */