X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Fcrypto%2FCRL.cpp;h=1a31cdd3be24627e1694144188958d4367d63247;hb=5880a76d92f96db6f94ebdf0bdfebd989f10b232;hp=b7a69fe80fee40dde9f3dba19587c4860ff5c27a;hpb=56358cbe81dd0d11267a06133ce227c2c53f10f7;p=cassiopeia.git
diff --git a/src/crypto/CRL.cpp b/src/crypto/CRL.cpp
index b7a69fe..1a31cdd 100644
--- a/src/crypto/CRL.cpp
+++ b/src/crypto/CRL.cpp
@@ -38,17 +38,17 @@ std::string CRL::revoke( std::string serial, std::string time ) {
 if( time != "" ) {
 const unsigned char* data = ( unsigned char* )( time.data() );
- d2i_ASN1_UTCTIME( &rev->revocationDate, &data, time.size() );
+ d2i_ASN1_TIME( &rev->revocationDate, &data, time.size() );
 } else {
 X509_REVOKED_set_revocationDate( rev, tmptm.get() );
 }
 X509_CRL_add0_revoked( crl.get(), rev );
- int len = i2d_ASN1_UTCTIME( tmptm.get(), NULL );
+ int len = i2d_ASN1_TIME( tmptm.get(), NULL );
 unsigned char* buffer = ( unsigned char* ) OPENSSL_malloc( len );
 unsigned char* pos = buffer;
- i2d_ASN1_UTCTIME( tmptm.get(), &pos );
+ i2d_ASN1_TIME( tmptm.get(), &pos );
 std::string rettime = std::string( ( char* ) buffer, len );
 OPENSSL_free( buffer );
 return rettime;
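Review bot: The result of `d2i_ASN1_TIME( &rev->revocationDate, &data, time.size() )` in revoke() is discarded, so a malformed or truncated `time` string still reaches `X509_CRL_add0_revoked` with whatever the failed parse left in `revocationDate`. Check the return value, e.g. `if( !d2i_ASN1_TIME( &rev->revocationDate, &data, time.size() ) ) { /* reject the revocation request */ }`, and consider verifying that `data` stopped exactly at the end of `time`. Moving from the UTCTIME to the TIME decoder also widens the accepted input to GeneralizedTime, which deserves a comment if it is intended. The two `d2i_ASN1_TIME` calls added to setSignature() in the third hunk ignore their results in the same way. revoke() begins and ends outside this hunk.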
@@ -99,15 +99,15 @@ std::string CRL::toString() {
 std::string CRL::getSignature() {
 int len = i2d_X509_ALGOR( crl->sig_alg, NULL );
 len += i2d_ASN1_BIT_STRING( crl->signature, NULL );
- len += i2d_ASN1_UTCTIME( crl->crl->lastUpdate, NULL );
- len += i2d_ASN1_UTCTIME( crl->crl->nextUpdate, NULL );
+ len += i2d_ASN1_TIME( crl->crl->lastUpdate, NULL );
+ len += i2d_ASN1_TIME( crl->crl->nextUpdate, NULL );
 unsigned char* buffer = ( unsigned char* ) OPENSSL_malloc( len );
 unsigned char* pos = buffer;
 i2d_X509_ALGOR( crl->sig_alg, &pos );
 i2d_ASN1_BIT_STRING( crl->signature, &pos );
- i2d_ASN1_UTCTIME( crl->crl->lastUpdate, &pos );
- i2d_ASN1_UTCTIME( crl->crl->nextUpdate, &pos );
+ i2d_ASN1_TIME( crl->crl->lastUpdate, &pos );
+ i2d_ASN1_TIME( crl->crl->nextUpdate, &pos );
 std::string res = std::string( ( char* ) buffer, len );
 OPENSSL_free( buffer );
@@ -119,6 +119,20 @@ void CRL::setSignature( std::string signature ) {
 const unsigned char* buffer = data;
 d2i_X509_ALGOR( &crl->sig_alg, &buffer, signature.size() );
 d2i_ASN1_BIT_STRING( &crl->signature, &buffer, signature.size() + data - buffer );
- d2i_ASN1_UTCTIME( &crl->crl->lastUpdate, &buffer, signature.size() + data - buffer );
- d2i_ASN1_UTCTIME( &crl->crl->nextUpdate, &buffer, signature.size() + data - buffer );
+ d2i_ASN1_TIME( &crl->crl->lastUpdate, &buffer, signature.size() + data - buffer );
+ d2i_ASN1_TIME( &crl->crl->nextUpdate, &buffer, signature.size() + data - buffer );
+}
+
+bool CRL::needsResign() {
+ time_t current;
+ time( ¤t );
+ current += 60 * 60;// 1 hour
+ auto time = X509_CRL_get_nextUpdate( crl.get() );
+
+ if( !time ) {
+ return true;
+ }
+
+ int cmp = X509_cmp_time( time, ¤t );
+ return cmp < 0;
 }
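Review bot: `len` in getSignature() is the sum of four `i2d_*` results that are never checked, and the pointer from `OPENSSL_malloc( len )` is written through without a null test. The `i2d_*` functions report failure with a negative value, so if one sizing call fails while the others succeed, the buffer ends up shorter than what the successful calls write in the second pass. Validate each length before adding it and stop when the allocation fails, e.g. `if( !buffer ) { /* report the error */ }`. The `i2d_ASN1_TIME`/`OPENSSL_malloc` sequence in revoke() (first hunk) has the same gap. getSignature() ends outside this hunk.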
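Review bot: needsResign() returns `cmp < 0`, but `X509_cmp_time` returns 0 when it cannot parse the time, so a CRL whose `nextUpdate` is malformed is reported as not needing a re-sign. That fails open, unlike the `!time` branch just above it, which returns true; `return cmp <= 0;` treats the error case as stale too. This matters because setSignature() in the same hunk fills `nextUpdate` from a `d2i_ASN1_TIME` call whose result is not checked. The local named `time` also shadows the `time()` function called just before it; a name such as `nextUpdate` would read better.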