diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2016-01-14 00:25:25 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2016-01-14 02:59:06 +0000 |
| commit | 9aa00b187a65b1f30789d6274ec31ea86efe7973 (patch) | |
| tree | 831beb8973464d44f3b90d296afba8d23b0f187e /apps/x509.c | |
| parent | b098dcae66433efc4c073ca2cc5fc64cdf8a613e (diff) | |
| download | openssl-new-9aa00b187a65b1f30789d6274ec31ea86efe7973.tar.gz | |
To avoid possible time_t overflow use X509_time_adj_ex()
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Diffstat (limited to 'apps/x509.c')
| -rw-r--r-- | apps/x509.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/apps/x509.c b/apps/x509.c index 283d0552af..37d3a71e4a 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -1101,8 +1101,7 @@ static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, if (X509_gmtime_adj(X509_get_notBefore(x), 0) == NULL) goto err; - if (X509_gmtime_adj(X509_get_notAfter(x), (long)60 * 60 * 24 * days) == - NULL) + if (X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL) == NULL) goto err; if (!X509_set_pubkey(x, pkey)) |