From: claudio <claudio@openbsd.org>
Date: Tue, 11 May 2021 11:32:51 +0000 (+0000)
Subject: Before calling ASN1_time_parse() initialize the struct tm. While
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=4ce9ae2a87c80f476a77c95d1301b1f761e179f8;p=openbsd

Before calling ASN1_time_parse() initialize the struct tm. While
recent libressl version initalise the struct tm properly older
versions did not and so -portable runs into problem on systems
with older libressl versions installed.
Problem found by job@
OK tb@
---

diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c
index 757e9594393..e1c68ac1b11 100644
--- a/usr.sbin/rpki-client/mft.c
+++ b/usr.sbin/rpki-client/mft.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: mft.c,v 1.33 2021/05/09 11:25:32 tb Exp $ */
+/*	$OpenBSD: mft.c,v 1.34 2021/05/11 11:32:51 claudio Exp $ */
 /*
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -70,6 +70,7 @@ generalizedtime_to_tm(const ASN1_GENERALIZEDTIME *gtime, struct tm *tm)
 	data = ASN1_STRING_get0_data(gtime);
 	len = ASN1_STRING_length(gtime);
 
+	memset(tm, 0, sizeof(*tm));
 	return ASN1_time_parse(data, len, tm, V_ASN1_GENERALIZEDTIME) ==
 	    V_ASN1_GENERALIZEDTIME;
 }
diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c
index 6f05644e66a..64510697025 100644
--- a/usr.sbin/rpki-client/parser.c
+++ b/usr.sbin/rpki-client/parser.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: parser.c,v 1.9 2021/05/09 11:18:57 tb Exp $ */
+/*	$OpenBSD: parser.c,v 1.10 2021/05/11 11:32:51 claudio Exp $ */
 /*
  * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -101,6 +101,7 @@ proc_parser_roa(struct entity *entp,
 			err(1, "X509_CRL_get0_nextUpdate failed");
 			goto out;
 		}
+		memset(&expires_tm, 0, sizeof(expires_tm));
 		if (ASN1_time_parse(at->data, at->length, &expires_tm,
 		    V_ASN1_UTCTIME) != V_ASN1_UTCTIME) {
 			err(1, "ASN1_time_parse failed");
@@ -126,6 +127,7 @@ proc_parser_roa(struct entity *entp,
 			err(1, "X509_get0_notafter failed");
 			goto out;
 		}
+		memset(&expires_tm, 0, sizeof(expires_tm));
 		if (ASN1_time_parse(at->data, at->length, &expires_tm,
 		    V_ASN1_UTCTIME) != V_ASN1_UTCTIME) {
 			err(1, "ASN1_time_parse failed");
diff --git a/usr.sbin/rpki-client/roa.c b/usr.sbin/rpki-client/roa.c
index 236df321d5a..4bcf60ea7d7 100644
--- a/usr.sbin/rpki-client/roa.c
+++ b/usr.sbin/rpki-client/roa.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: roa.c,v 1.18 2021/05/06 17:03:57 job Exp $ */
+/*	$OpenBSD: roa.c,v 1.19 2021/05/11 11:32:51 claudio Exp $ */
 /*
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -366,6 +366,7 @@ roa_parse(X509 **x509, const char *fn)
 		warnx("%s: X509_get0_notAfter failed", fn);
 		goto out;
 	}
+	memset(&expires_tm, 0, sizeof(expires_tm));
 	if (ASN1_time_parse(at->data, at->length, &expires_tm, 0) == -1) {
 		warnx("%s: ASN1_time_parse failed", fn);
 		goto out;