diff options
Diffstat (limited to 'apps/x509.c')
-rw-r--r-- | apps/x509.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/apps/x509.c b/apps/x509.c index d00511c78a..294fc69573 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -606,9 +606,12 @@ bad: sno = ASN1_INTEGER_new(); if (!sno || !rand_serial(NULL, sno)) goto end; + if (!X509_set_serialNumber(x, sno)) + goto end; + ASN1_INTEGER_free(sno); + sno = NULL; } - - if (!X509_set_serialNumber(x, sno)) + else if (!X509_set_serialNumber(x, sno)) goto end; if (!X509_set_issuer_name(x,req->req_info->subject)) goto end; @@ -996,9 +999,9 @@ bad: if (checkend) { - time_t tnow=time(NULL); + time_t tcheck=time(NULL) + checkoffset; - if (ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(x), tnow+checkoffset) == -1) + if (X509_cmp_time(X509_get_notAfter(x), &tcheck) < 0) { BIO_printf(out,"Certificate will expire\n"); ret=1; |