-/* $OpenBSD: aspa.c,v 1.13 2023/03/10 12:02:11 job Exp $ */
+/* $OpenBSD: aspa.c,v 1.14 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2022 Job Snijders <job@fastly.com>
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
if (!x509_get_notbefore(*x509, fn, &p.res->notbefore))
goto out;
- if (!x509_get_expire(*x509, fn, &p.res->expires))
+ if (!x509_get_notafter(*x509, fn, &p.res->notafter))
goto out;
if (x509_any_inherits(*x509)) {
{
io_simple_buffer(b, &p->valid, sizeof(p->valid));
io_simple_buffer(b, &p->custasid, sizeof(p->custasid));
- io_simple_buffer(b, &p->expires, sizeof(p->expires));
+ io_simple_buffer(b, &p->notafter, sizeof(p->notafter));
io_simple_buffer(b, &p->providersz, sizeof(size_t));
io_simple_buffer(b, p->providers,
io_read_buf(b, &p->valid, sizeof(p->valid));
io_read_buf(b, &p->custasid, sizeof(p->custasid));
- io_read_buf(b, &p->expires, sizeof(p->expires));
+ io_read_buf(b, &p->notafter, sizeof(p->notafter));
io_read_buf(b, &p->providersz, sizeof(size_t));
if ((p->providers = calloc(p->providersz,
if ((v = calloc(1, sizeof(*v))) == NULL)
err(1, NULL);
v->custasid = aspa->custasid;
- v->expires = aspa->expires;
+ v->expires = aspa->notafter;
if ((found = RB_INSERT(vap_tree, tree, v)) != NULL) {
if (found->expires > v->expires)
-/* $OpenBSD: cert.c,v 1.105 2023/03/10 12:02:11 job Exp $ */
+/* $OpenBSD: cert.c,v 1.106 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2021 Job Snijders <job@openbsd.org>
goto out;
if (!x509_get_notbefore(x, p.fn, &p.res->notbefore))
goto out;
- if (!x509_get_expire(x, p.fn, &p.res->expires))
+ if (!x509_get_notafter(x, p.fn, &p.res->notafter))
goto out;
p.res->purpose = x509_get_purpose(x, p.fn);
void
cert_buffer(struct ibuf *b, const struct cert *p)
{
- io_simple_buffer(b, &p->expires, sizeof(p->expires));
+ io_simple_buffer(b, &p->notafter, sizeof(p->notafter));
io_simple_buffer(b, &p->purpose, sizeof(p->purpose));
io_simple_buffer(b, &p->talid, sizeof(p->talid));
io_simple_buffer(b, &p->repoid, sizeof(p->repoid));
if ((p = calloc(1, sizeof(struct cert))) == NULL)
err(1, NULL);
- io_read_buf(b, &p->expires, sizeof(p->expires));
+ io_read_buf(b, &p->notafter, sizeof(p->notafter));
io_read_buf(b, &p->purpose, sizeof(p->purpose));
io_read_buf(b, &p->talid, sizeof(p->talid));
io_read_buf(b, &p->repoid, sizeof(p->repoid));
err(1, NULL);
b->asid = asid;
- b->expires = cert->expires;
+ b->expires = cert->notafter;
b->talid = cert->talid;
if ((b->ski = strdup(cert->ski)) == NULL)
err(1, NULL);
-/* $OpenBSD: crl.c,v 1.23 2023/03/06 16:58:41 job Exp $ */
+/* $OpenBSD: crl.c,v 1.24 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
warnx("%s: X509_CRL_get0_lastUpdate failed", fn);
goto out;
}
- if (!x509_get_time(at, &crl->issued)) {
+ if (!x509_get_time(at, &crl->lastupdate)) {
warnx("%s: ASN1_time_parse failed", fn);
goto out;
}
warnx("%s: X509_CRL_get0_nextUpdate failed", fn);
goto out;
}
- if (!x509_get_time(at, &crl->expires)) {
+ if (!x509_get_time(at, &crl->nextupdate)) {
warnx("%s: ASN1_time_parse failed", fn);
goto out;
}
-/* $OpenBSD: extern.h,v 1.171 2023/03/10 12:02:11 job Exp $ */
+/* $OpenBSD: extern.h,v 1.172 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
char *pubkey; /* Subject Public Key Info */
X509 *x509; /* the cert */
time_t notbefore; /* cert's Not Before */
- time_t expires; /* do not use after */
+ time_t notafter; /* cert's Not After */
};
/*
char *ski; /* SKI */
time_t signtime; /* CMS signing-time attribute */
time_t notbefore; /* EE cert's Not Before */
- time_t expires; /* do not use after */
+ time_t notafter; /* EE cert's Not After */
};
struct rscfile {
char *ski; /* SKI */
time_t signtime; /* CMS signing-time attribute */
time_t notbefore; /* EE cert's Not Before */
- time_t expires; /* Not After of the RSC EE */
+ time_t notafter; /* Not After of the RSC EE */
};
/*
char *ski; /* SKI */
time_t signtime; /* CMS signing-time attribute */
time_t notbefore; /* EE cert's Not Before */
- time_t expires; /* Not After of the TAK EE */
+ time_t notafter; /* Not After of the TAK EE */
};
/*
char *ski; /* SKI */
time_t signtime; /* CMS signing-time attribute */
time_t notbefore; /* EE cert's Not Before */
- time_t expires; /* Not After of the Geofeed EE */
+ time_t notafter; /* Not After of the Geofeed EE */
int valid; /* all resources covered */
};
char *ski; /* SKI */
time_t signtime; /* CMS signing-time attribute */
time_t notbefore; /* EE cert's Not Before */
- time_t expires; /* Not After of the GBR EE */
+ time_t notafter; /* Not After of the GBR EE */
};
struct aspa_provider {
size_t providersz; /* number of providers */
time_t signtime; /* CMS signing-time attribute */
time_t notbefore; /* EE cert's Not Before */
- time_t expires; /* NotAfter of the ASPA EE cert */
+ time_t notafter; /* notAfter of the ASPA EE cert */
};
/*
RB_ENTRY(crl) entry;
char *aki;
X509_CRL *x509_crl;
- time_t issued; /* do not use before */
- time_t expires; /* do not use after */
+ time_t lastupdate; /* do not use before */
+ time_t nextupdate; /* do not use after */
};
/*
* Tree of CRLs sorted by uri
int x509_get_sia(X509 *, const char *, char **);
int x509_get_ski(X509 *, const char *, char **);
int x509_get_notbefore(X509 *, const char *, time_t *);
-int x509_get_expire(X509 *, const char *, time_t *);
+int x509_get_notafter(X509 *, const char *, time_t *);
int x509_get_crl(X509 *, const char *, char **);
char *x509_crl_get_aki(X509_CRL *, const char *);
char *x509_get_pubkey(X509 *, const char *);
-/* $OpenBSD: gbr.c,v 1.24 2023/03/10 12:02:11 job Exp $ */
+/* $OpenBSD: gbr.c,v 1.25 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2020 Claudio Jeker <claudio@openbsd.org>
*
if (!x509_get_notbefore(*x509, fn, &p.res->notbefore))
goto out;
- if (!x509_get_expire(*x509, fn, &p.res->expires))
+ if (!x509_get_notafter(*x509, fn, &p.res->notafter))
goto out;
if (!x509_inherits(*x509)) {
-/* $OpenBSD: geofeed.c,v 1.12 2023/03/10 12:02:11 job Exp $ */
+/* $OpenBSD: geofeed.c,v 1.13 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2022 Job Snijders <job@fastly.com>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
if (!x509_get_notbefore(*x509, fn, &p.res->notbefore))
goto out;
- if (!x509_get_expire(*x509, fn, &p.res->expires))
+ if (!x509_get_notafter(*x509, fn, &p.res->notafter))
goto out;
if ((cert = cert_parse_ee_cert(fn, *x509)) == NULL)
-/* $OpenBSD: parser.c,v 1.86 2023/02/23 13:06:42 tb Exp $ */
+/* $OpenBSD: parser.c,v 1.87 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
/*
* Check CRL to figure out the soonest transitive expiry moment
*/
- if (crl != NULL && roa->expires > crl->expires)
- roa->expires = crl->expires;
+ if (crl != NULL && roa->notafter > crl->nextupdate)
+ roa->notafter = crl->nextupdate;
/*
* Scan the cert tree to figure out the soonest transitive
* expiry moment
*/
for (; a != NULL; a = a->parent) {
- if (roa->expires > a->cert->expires)
- roa->expires = a->cert->expires;
+ if (roa->notafter > a->cert->notafter)
+ roa->notafter = a->cert->notafter;
}
return roa;
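Review bot: After this rename `roa->notafter` no longer holds what its name and the extern.h comments (`EE cert's Not After`, `notAfter of the ASPA EE cert`) say, because the two assignments here lower it to the CRL's `nextupdate` and then to the smallest `notafter` among the ancestor certs; the aspa hunk directly below does the same to `aspa->notafter`. That clamped value is what roa.c and aspa.c copy into `v->expires`, so a later change that stores the raw certificate value under this name again would silently lengthen how long the resulting VRPs and VAPs are treated as usable. It is also the value print.c shows as "valid until", which may then differ from the EE certificate's own notAfter. Either keep the computed moment in a field of its own, e.g. `time_t expires; /* earliest of EE notAfter, CRL nextUpdate, ancestor notAfter */`, or state the clamping in the struct comments. The enclosing function starts outside the hunk.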
aspa->talid = a->cert->talid;
- if (crl != NULL && aspa->expires > crl->expires)
- aspa->expires = crl->expires;
+ if (crl != NULL && aspa->notafter > crl->nextupdate)
+ aspa->notafter = crl->nextupdate;
for (; a != NULL; a = a->parent) {
- if (aspa->expires > a->cert->expires)
- aspa->expires = a->cert->expires;
+ if (aspa->notafter > a->cert->notafter)
+ aspa->notafter = a->cert->notafter;
}
return aspa;
-/* $OpenBSD: print.c,v 1.30 2023/03/10 12:02:11 job Exp $ */
+/* $OpenBSD: print.c,v 1.31 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
if (p->pubkey != NULL)
printf("\t\"router_key\": \"%s\",\n", p->pubkey);
printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore);
- printf("\t\"valid_until\": %lld,\n", (long long)p->expires);
+ printf("\t\"valid_until\": %lld,\n", (long long)p->notafter);
printf("\t\"subordinate_resources\": [\n");
} else {
printf("Subject key identifier: %s\n", pretty_key_id(p->ski));
printf("Router key valid since: %s\n",
time2str(p->notbefore));
printf("Router key valid until: %s\n",
- time2str(p->expires));
+ time2str(p->notafter));
} else {
printf("Certificate valid since: %s\n",
time2str(p->notbefore));
printf("Certificate valid until: %s\n",
- time2str(p->expires));
+ time2str(p->notafter));
}
printf("Subordinate resources: ");
}
ASN1_INTEGER_free(crlnum);
if (outformats & FORMAT_JSON) {
- printf("\t\"valid_since\": %lld,\n", (long long)p->issued);
- printf("\t\"valid_until\": %lld,\n", (long long)p->expires);
+ printf("\t\"valid_since\": %lld,\n", (long long)p->lastupdate);
+ printf("\t\"valid_until\": %lld,\n", (long long)p->nextupdate);
printf("\t\"revoked_certs\": [\n");
} else {
- printf("CRL valid since: %s\n", time2str(p->issued));
- printf("CRL valid until: %s\n", time2str(p->expires));
+ printf("CRL valid since: %s\n",
+ time2str(p->lastupdate));
+ printf("CRL valid until: %s\n",
+ time2str(p->nextupdate));
printf("Revoked Certificates:\n");
}
printf("\t\"signing_time\": %lld,\n",
(long long)p->signtime);
printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore);
- printf("\t\"valid_until\": %lld,\n", (long long)p->expires);
+ printf("\t\"valid_until\": %lld,\n", (long long)p->notafter);
} else {
printf("Subject key identifier: %s\n", pretty_key_id(p->ski));
x509_print(x);
time2str(p->signtime));
printf("ROA valid since: %s\n",
time2str(p->notbefore));
- printf("ROA valid until: %s\n", time2str(p->expires));
+ printf("ROA valid until: %s\n", time2str(p->notafter));
printf("asID: %u\n", p->asid);
printf("IP address blocks: ");
}
printf("\t\"signing_time\": %lld,\n",
(long long)p->signtime);
printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore);
- printf("\t\"valid_until\": %lld,\n", (long long)p->expires);
+ printf("\t\"valid_until\": %lld,\n", (long long)p->notafter);
printf("\t\"vcard\": \"");
for (i = 0; i < strlen(p->vcard); i++) {
if (p->vcard[i] == '"')
time2str(p->signtime));
printf("GBR valid since: %s\n",
time2str(p->notbefore));
- printf("GBR valid until: %s\n", time2str(p->expires));
+ printf("GBR valid until: %s\n", time2str(p->notafter));
printf("vcard:\n%s", p->vcard);
}
}
printf("\t\"signing_time\": %lld,\n",
(long long)p->signtime);
printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore);
- printf("\t\"valid_until\": %lld,\n", (long long)p->expires);
+ printf("\t\"valid_until\": %lld,\n", (long long)p->notafter);
printf("\t\"signed_with_resources\": [\n");
} else {
printf("Subject key identifier: %s\n", pretty_key_id(p->ski));
time2str(p->signtime));
printf("RSC valid since: %s\n",
time2str(p->notbefore));
- printf("RSC valid until: %s\n", time2str(p->expires));
+ printf("RSC valid until: %s\n", time2str(p->notafter));
printf("Signed with resources: ");
}
printf("\t\"signing_time\": %lld,\n",
(long long)p->signtime);
printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore);
- printf("\t\"valid_until\": %lld,\n", (long long)p->expires);
+ printf("\t\"valid_until\": %lld,\n", (long long)p->notafter);
printf("\t\"customer_asid\": %u,\n", p->custasid);
printf("\t\"provider_set\": [\n");
for (i = 0; i < p->providersz; i++) {
time2str(p->signtime));
printf("ASPA valid since: %s\n",
time2str(p->notbefore));
- printf("ASPA valid until: %s\n", time2str(p->expires));
+ printf("ASPA valid until: %s\n", time2str(p->notafter));
printf("Customer AS: %u\n", p->custasid);
printf("Provider Set: ");
for (i = 0; i < p->providersz; i++) {
printf("\t\"signing_time\": %lld,\n",
(long long)p->signtime);
printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore);
- printf("\t\"valid_until\": %lld,\n", (long long)p->expires);
+ printf("\t\"valid_until\": %lld,\n", (long long)p->notafter);
printf("\t\"takeys\": [\n");
} else {
printf("Subject key identifier: %s\n", pretty_key_id(p->ski));
time2str(p->signtime));
printf("TAK valid since: %s\n",
time2str(p->notbefore));
- printf("TAK valid until: %s\n", time2str(p->expires));
+ printf("TAK valid until: %s\n", time2str(p->notafter));
}
takey_print("current", p->current);
printf("\t\"signing_time\": %lld,\n",
(long long)p->signtime);
printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore);
- printf("\t\"valid_until\": %lld,\n", (long long)p->expires);
+ printf("\t\"valid_until\": %lld,\n", (long long)p->notafter);
printf("\t\"records\": [\n");
} else {
printf("Subject key identifier: %s\n", pretty_key_id(p->ski));
time2str(p->signtime));
printf("Geofeed valid since: %s\n",
time2str(p->notbefore));
- printf("Geofeed valid until: %s\n", time2str(p->expires));
+ printf("Geofeed valid until: %s\n", time2str(p->notafter));
printf("Geofeed CSV records:\n");
}
-/* $OpenBSD: roa.c,v 1.62 2023/03/10 12:02:11 job Exp $ */
+/* $OpenBSD: roa.c,v 1.63 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
if (!x509_get_notbefore(*x509, fn, &p.res->notbefore))
goto out;
- if (!x509_get_expire(*x509, fn, &p.res->expires))
+ if (!x509_get_notafter(*x509, fn, &p.res->notafter))
goto out;
if (!roa_parse_econtent(cms, cmsz, &p))
io_simple_buffer(b, &p->asid, sizeof(p->asid));
io_simple_buffer(b, &p->talid, sizeof(p->talid));
io_simple_buffer(b, &p->ipsz, sizeof(p->ipsz));
- io_simple_buffer(b, &p->expires, sizeof(p->expires));
+ io_simple_buffer(b, &p->notafter, sizeof(p->notafter));
io_simple_buffer(b, p->ips, p->ipsz * sizeof(p->ips[0]));
io_read_buf(b, &p->asid, sizeof(p->asid));
io_read_buf(b, &p->talid, sizeof(p->talid));
io_read_buf(b, &p->ipsz, sizeof(p->ipsz));
- io_read_buf(b, &p->expires, sizeof(p->expires));
+ io_read_buf(b, &p->notafter, sizeof(p->notafter));
if ((p->ips = calloc(p->ipsz, sizeof(struct roa_ip))) == NULL)
err(1, NULL);
v->repoid = repo_id(rp);
else
v->repoid = 0;
- v->expires = roa->expires;
+ v->expires = roa->notafter;
/*
* Check if a similar VRP already exists in the tree.
-/* $OpenBSD: rsc.c,v 1.22 2023/03/10 12:02:11 job Exp $ */
+/* $OpenBSD: rsc.c,v 1.23 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2022 Job Snijders <job@fastly.com>
if (!x509_get_notbefore(*x509, fn, &p.res->notbefore))
goto out;
- if (!x509_get_expire(*x509, fn, &p.res->expires))
+ if (!x509_get_notafter(*x509, fn, &p.res->notafter))
goto out;
if (X509_get_ext_by_NID(*x509, NID_sinfo_access, -1) != -1) {
-/* $OpenBSD: tak.c,v 1.6 2023/03/10 12:02:11 job Exp $ */
+/* $OpenBSD: tak.c,v 1.7 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2022 Job Snijders <job@fastly.com>
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
if (!x509_get_notbefore(*x509, fn, &p.res->notbefore))
goto out;
- if (!x509_get_expire(*x509, fn, &p.res->expires))
+ if (!x509_get_notafter(*x509, fn, &p.res->notafter))
goto out;
if (!x509_inherits(*x509)) {
-/* $OpenBSD: x509.c,v 1.67 2023/03/10 12:02:11 job Exp $ */
+/* $OpenBSD: x509.c,v 1.68 2023/03/10 12:44:56 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
}
/*
- * Extract the expire time (not-after) of a certificate.
+ * Extract the notAfter from a certificate.
*/
int
-x509_get_expire(X509 *x, const char *fn, time_t *tt)
+x509_get_notafter(X509 *x, const char *fn, time_t *tt)
{
const ASN1_TIME *at;