From 6a7a9340554a17e165cadf1164fbf8bf4b47cd43 Mon Sep 17 00:00:00 2001 From: Karl-Heinz Zimmer Date: Tue, 3 Sep 2002 16:21:34 +0000 Subject: [PATCH] AEgypten bugfix #1220: make sure that (a) negative numbers of days-left-to-expire-of-certificate are reported correctly by using an int instead of a time_t and (b) return the special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE to indicate that no expire date is stored in this certificate --- gpgmeplug/cryptplug.h | 66 +++++++++++++++++++++++++++++++------------ gpgmeplug/gpgmeplug.c | 30 +++++++++++--------- 2 files changed, 64 insertions(+), 32 deletions(-) diff --git a/gpgmeplug/cryptplug.h b/gpgmeplug/cryptplug.h index 3c52278..e1a613d 100644 --- a/gpgmeplug/cryptplug.h +++ b/gpgmeplug/cryptplug.h @@ -297,6 +297,8 @@ enum { typedef unsigned long SigStatusFlags; +#define CRYPTPLUG_CERT_DOES_NEVER_EXPIRE 365000 + @@ -621,12 +623,18 @@ void setSignatureCertificateExpiryNearWarning( bool ); */ bool signatureCertificateExpiryNearWarning( void ); - /*! \ingroup groupConfigSign - \brief Returns the number of days that are left until the - specified certificate expires. - \param certificate the certificate to check - */ - int signatureCertificateDaysLeftToExpiry( const char* certificate ); +/*! \ingroup groupConfigSign + \brief Returns the number of days that are left until the + specified certificate expires. + + Negative values show how many days ago the certificate DID expire, + a zero value means the certificate expires today, + special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is + no expire date stored in this certificate. + + \param certificate the certificate to check +*/ +int signatureCertificateDaysLeftToExpiry( const char* certificate ); /*! \ingroup groupConfigSign \brief Specifies the number of days which a signature certificate must @@ -654,12 +662,18 @@ void setCACertificateExpiryNearWarning( bool ); */ bool caCertificateExpiryNearWarning( void ); - /*! \ingroup groupConfigSign - \brief Returns the number of days that are left until the - CA certificate of the specified certificate expires. - \param certificate the certificate to check - */ - int caCertificateDaysLeftToExpiry( const char* certificate ); +/*! \ingroup groupConfigSign + \brief Returns the number of days that are left until the + CA certificate of the specified certificate expires. + + Negative values show how many days ago the certificate DID expire, + a zero value means the certificate expires today, + special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is + no expire date stored in this certificate. + + \param certificate the certificate to check +*/ +int caCertificateDaysLeftToExpiry( const char* certificate ); /*! \ingroup groupConfigSign \brief Specifies the number of days which a CA certificate must @@ -687,12 +701,18 @@ void setRootCertificateExpiryNearWarning( bool ); */ bool rootCertificateExpiryNearWarning( void ); - /*! \ingroup groupConfigSign - \brief Returns the number of days that are left until the - root certificate of the specified certificate expires. - \param certificate the certificate to check - */ - int rootCertificateDaysLeftToExpiry( const char* certificate ); +/*! \ingroup groupConfigSign + \brief Returns the number of days that are left until the + root certificate of the specified certificate expires. + + Negative values show how many days ago the certificate DID expire, + a zero value means the certificate expires today, + special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is + no expire date stored in this certificate. + + \param certificate the certificate to check +*/ +int rootCertificateDaysLeftToExpiry( const char* certificate ); /*! \ingroup groupConfigSign \brief Specifies the number of days which a root certificate must @@ -863,6 +883,11 @@ bool receiverCertificateExpiryNearWarning( void ); /*! \ingroup groupConfigCrypt \brief Returns the number of days until the specified receiver certificate expires. + + Negative values show how many days ago the certificate DID expire, + a zero value means the certificate expires today, + special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is + no expire date stored in this certificate. */ int receiverCertificateDaysLeftToExpiry( const char* certificate ); @@ -911,6 +936,11 @@ int certificateInChainExpiryNearWarningInterval( void ); /*! \ingroup groupConfigCrypt \brief Returns the number of days until the first certificate in the chain of the receiver certificate expires. + + Negative values show how many days ago the certificate DID expire, + a zero value means the certificate expires today, + special value CRYPTPLUG_CERT_DOES_NEVER_EXPIRE means there is + no expire date stored in this certificate. */ int certificateInChainDaysLeftToExpiry( const char* certificate ); diff --git a/gpgmeplug/gpgmeplug.c b/gpgmeplug/gpgmeplug.c index 404189d..fe456ff 100644 --- a/gpgmeplug/gpgmeplug.c +++ b/gpgmeplug/gpgmeplug.c @@ -545,7 +545,7 @@ int signatureCertificateDaysLeftToExpiry( const char* certificate ) GpgmeCtx ctx; GpgmeError err; GpgmeKey rKey; - time_t daysLeft = 0; + int daysLeft = CRYPTPLUG_CERT_DOES_NEVER_EXPIRE; gpgme_new( &ctx ); gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL ); @@ -556,9 +556,14 @@ int signatureCertificateDaysLeftToExpiry( const char* certificate ) gpgme_op_keylist_end( ctx ); if ( GPGME_No_Error == err ) { time_t expire_time = gpgme_key_get_ulong_attr( - rKey,GPGME_ATTR_EXPIRE, NULL, 0 ); + rKey, GPGME_ATTR_EXPIRE, NULL, 0 ); time_t cur_time = time (NULL); - daysLeft = days_from_seconds(expire_time - cur_time); + if( cur_time > expire_time ) { + daysLeft = days_from_seconds(cur_time - expire_time); + daysLeft *= -1; + } + else + daysLeft = days_from_seconds(expire_time - cur_time); gpgme_key_release( rKey ); } } @@ -830,7 +835,7 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate ) GpgmeCtx ctx; GpgmeError err; GpgmeKey rKey; - time_t daysLeft = 0; + int daysLeft = CRYPTPLUG_CERT_DOES_NEVER_EXPIRE; gpgme_new( &ctx ); gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL ); @@ -843,7 +848,12 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate ) time_t expire_time = gpgme_key_get_ulong_attr( rKey,GPGME_ATTR_EXPIRE, NULL, 0 ); time_t cur_time = time (NULL); - daysLeft = days_from_seconds(expire_time - cur_time); + if( cur_time > expire_time ) { + daysLeft = days_from_seconds(cur_time - expire_time); + daysLeft *= -1; + } + else + daysLeft = days_from_seconds(expire_time - cur_time); gpgme_key_release( rKey ); } } @@ -854,14 +864,6 @@ int receiverCertificateDaysLeftToExpiry( const char* certificate ) */ return daysLeft; - - - - /* PENDING(g10) - Please return the number of days that are left until the - certificate specified in the parameter certificate expires. - */ - return 10; /* dummy that triggers a warning in the MUA */ } @@ -2362,7 +2364,7 @@ importCertificateFromMem( const char* data, size_t length , char** additional_in } if( count < 1 ) { /* we didn't import anything?!? */ - fprintf( stderr, "gpgme_op_import_ext did not import any certificate\n", err ); + fprintf( stderr, "gpgme_op_import_ext did not import any certificate\n" ); gpgme_data_release( keydata ); gpgme_release( ctx ); return -1; /* FIXME */ -- 2.26.2