- djm@cvs.openbsd.org 2013/10/23 04:16:22

[ssh-keygen.c]
     Make code match documentation: relative-specified certificate expiry time
     should be relative to current time and not the validity start time.
     Reported by Petr Lautrbach; ok deraadt@
This commit is contained in:
Damien Miller 2013-10-23 16:31:31 +11:00
parent eff5cada58
commit 5b01b0dcb4
2 changed files with 7 additions and 2 deletions

View File

@ -22,6 +22,11 @@
- djm@cvs.openbsd.org 2013/10/23 03:05:19
[readconf.c ssh.c]
comment
- djm@cvs.openbsd.org 2013/10/23 04:16:22
[ssh-keygen.c]
Make code match documentation: relative-specified certificate expiry time
should be relative to current time and not the validity start time.
Reported by Petr Lautrbach; ok deraadt@
20131018
- (djm) OpenBSD CVS Sync

View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-keygen.c,v 1.234 2013/09/02 22:00:34 deraadt Exp $ */
/* $OpenBSD: ssh-keygen.c,v 1.235 2013/10/23 04:16:22 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1743,7 +1743,7 @@ parse_cert_times(char *timespec)
cert_valid_from = parse_absolute_time(from);
if (*to == '-' || *to == '+')
cert_valid_to = parse_relative_time(to, cert_valid_from);
cert_valid_to = parse_relative_time(to, now);
else
cert_valid_to = parse_absolute_time(to);