From 9f544822065c3e68dbbe754960126f255659c17c Mon Sep 17 00:00:00 2001 From: job Date: Fri, 10 Mar 2023 12:44:56 +0000 Subject: [PATCH] mechanical change, rename struct members to match the original X509 names OK tb@ --- usr.sbin/rpki-client/aspa.c | 10 ++++---- usr.sbin/rpki-client/cert.c | 10 ++++---- usr.sbin/rpki-client/crl.c | 6 ++--- usr.sbin/rpki-client/extern.h | 22 +++++++++--------- usr.sbin/rpki-client/gbr.c | 4 ++-- usr.sbin/rpki-client/geofeed.c | 4 ++-- usr.sbin/rpki-client/parser.c | 18 +++++++-------- usr.sbin/rpki-client/print.c | 42 ++++++++++++++++++---------------- usr.sbin/rpki-client/roa.c | 10 ++++---- usr.sbin/rpki-client/rsc.c | 4 ++-- usr.sbin/rpki-client/tak.c | 4 ++-- usr.sbin/rpki-client/x509.c | 6 ++--- 12 files changed, 71 insertions(+), 69 deletions(-) diff --git a/usr.sbin/rpki-client/aspa.c b/usr.sbin/rpki-client/aspa.c index 827a69d8604..2a17f2280fa 100644 --- a/usr.sbin/rpki-client/aspa.c +++ b/usr.sbin/rpki-client/aspa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: aspa.c,v 1.13 2023/03/10 12:02:11 job Exp $ */ +/* $OpenBSD: aspa.c,v 1.14 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2022 Job Snijders * Copyright (c) 2022 Theo Buehler @@ -227,7 +227,7 @@ aspa_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) if (!x509_get_notbefore(*x509, fn, &p.res->notbefore)) goto out; - if (!x509_get_expire(*x509, fn, &p.res->expires)) + if (!x509_get_notafter(*x509, fn, &p.res->notafter)) goto out; if (x509_any_inherits(*x509)) { @@ -283,7 +283,7 @@ aspa_buffer(struct ibuf *b, const struct aspa *p) { io_simple_buffer(b, &p->valid, sizeof(p->valid)); io_simple_buffer(b, &p->custasid, sizeof(p->custasid)); - io_simple_buffer(b, &p->expires, sizeof(p->expires)); + io_simple_buffer(b, &p->notafter, sizeof(p->notafter)); io_simple_buffer(b, &p->providersz, sizeof(size_t)); io_simple_buffer(b, p->providers, @@ -309,7 +309,7 @@ aspa_read(struct ibuf *b) io_read_buf(b, &p->valid, sizeof(p->valid)); io_read_buf(b, &p->custasid, sizeof(p->custasid)); - io_read_buf(b, &p->expires, sizeof(p->expires)); + io_read_buf(b, &p->notafter, sizeof(p->notafter)); io_read_buf(b, &p->providersz, sizeof(size_t)); if ((p->providers = calloc(p->providersz, @@ -355,7 +355,7 @@ aspa_insert_vaps(struct vap_tree *tree, struct aspa *aspa, struct repo *rp) if ((v = calloc(1, sizeof(*v))) == NULL) err(1, NULL); v->custasid = aspa->custasid; - v->expires = aspa->expires; + v->expires = aspa->notafter; if ((found = RB_INSERT(vap_tree, tree, v)) != NULL) { if (found->expires > v->expires) diff --git a/usr.sbin/rpki-client/cert.c b/usr.sbin/rpki-client/cert.c index cff5af4ad0d..06523711e71 100644 --- a/usr.sbin/rpki-client/cert.c +++ b/usr.sbin/rpki-client/cert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cert.c,v 1.105 2023/03/10 12:02:11 job Exp $ */ +/* $OpenBSD: cert.c,v 1.106 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2021 Job Snijders @@ -758,7 +758,7 @@ cert_parse_pre(const char *fn, const unsigned char *der, size_t len) goto out; if (!x509_get_notbefore(x, p.fn, &p.res->notbefore)) goto out; - if (!x509_get_expire(x, p.fn, &p.res->expires)) + if (!x509_get_notafter(x, p.fn, &p.res->notafter)) goto out; p.res->purpose = x509_get_purpose(x, p.fn); @@ -976,7 +976,7 @@ cert_free(struct cert *p) void cert_buffer(struct ibuf *b, const struct cert *p) { - io_simple_buffer(b, &p->expires, sizeof(p->expires)); + io_simple_buffer(b, &p->notafter, sizeof(p->notafter)); io_simple_buffer(b, &p->purpose, sizeof(p->purpose)); io_simple_buffer(b, &p->talid, sizeof(p->talid)); io_simple_buffer(b, &p->repoid, sizeof(p->repoid)); @@ -1009,7 +1009,7 @@ cert_read(struct ibuf *b) if ((p = calloc(1, sizeof(struct cert))) == NULL) err(1, NULL); - io_read_buf(b, &p->expires, sizeof(p->expires)); + io_read_buf(b, &p->notafter, sizeof(p->notafter)); io_read_buf(b, &p->purpose, sizeof(p->purpose)); io_read_buf(b, &p->talid, sizeof(p->talid)); io_read_buf(b, &p->repoid, sizeof(p->repoid)); @@ -1100,7 +1100,7 @@ insert_brk(struct brk_tree *tree, struct cert *cert, int asid) err(1, NULL); b->asid = asid; - b->expires = cert->expires; + b->expires = cert->notafter; b->talid = cert->talid; if ((b->ski = strdup(cert->ski)) == NULL) err(1, NULL); diff --git a/usr.sbin/rpki-client/crl.c b/usr.sbin/rpki-client/crl.c index 98a2059fdc7..d60e66477fe 100644 --- a/usr.sbin/rpki-client/crl.c +++ b/usr.sbin/rpki-client/crl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crl.c,v 1.23 2023/03/06 16:58:41 job Exp $ */ +/* $OpenBSD: crl.c,v 1.24 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -74,7 +74,7 @@ crl_parse(const char *fn, const unsigned char *der, size_t len) warnx("%s: X509_CRL_get0_lastUpdate failed", fn); goto out; } - if (!x509_get_time(at, &crl->issued)) { + if (!x509_get_time(at, &crl->lastupdate)) { warnx("%s: ASN1_time_parse failed", fn); goto out; } @@ -84,7 +84,7 @@ crl_parse(const char *fn, const unsigned char *der, size_t len) warnx("%s: X509_CRL_get0_nextUpdate failed", fn); goto out; } - if (!x509_get_time(at, &crl->expires)) { + if (!x509_get_time(at, &crl->nextupdate)) { warnx("%s: ASN1_time_parse failed", fn); goto out; } diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h index 6b7e39f76c6..8f0623e453d 100644 --- a/usr.sbin/rpki-client/extern.h +++ b/usr.sbin/rpki-client/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.171 2023/03/10 12:02:11 job Exp $ */ +/* $OpenBSD: extern.h,v 1.172 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -140,7 +140,7 @@ struct cert { char *pubkey; /* Subject Public Key Info */ X509 *x509; /* the cert */ time_t notbefore; /* cert's Not Before */ - time_t expires; /* do not use after */ + time_t notafter; /* cert's Not After */ }; /* @@ -247,7 +247,7 @@ struct roa { char *ski; /* SKI */ time_t signtime; /* CMS signing-time attribute */ time_t notbefore; /* EE cert's Not Before */ - time_t expires; /* do not use after */ + time_t notafter; /* EE cert's Not After */ }; struct rscfile { @@ -272,7 +272,7 @@ struct rsc { char *ski; /* SKI */ time_t signtime; /* CMS signing-time attribute */ time_t notbefore; /* EE cert's Not Before */ - time_t expires; /* Not After of the RSC EE */ + time_t notafter; /* Not After of the RSC EE */ }; /* @@ -302,7 +302,7 @@ struct tak { char *ski; /* SKI */ time_t signtime; /* CMS signing-time attribute */ time_t notbefore; /* EE cert's Not Before */ - time_t expires; /* Not After of the TAK EE */ + time_t notafter; /* Not After of the TAK EE */ }; /* @@ -324,7 +324,7 @@ struct geofeed { char *ski; /* SKI */ time_t signtime; /* CMS signing-time attribute */ time_t notbefore; /* EE cert's Not Before */ - time_t expires; /* Not After of the Geofeed EE */ + time_t notafter; /* Not After of the Geofeed EE */ int valid; /* all resources covered */ }; @@ -339,7 +339,7 @@ struct gbr { char *ski; /* SKI */ time_t signtime; /* CMS signing-time attribute */ time_t notbefore; /* EE cert's Not Before */ - time_t expires; /* Not After of the GBR EE */ + time_t notafter; /* Not After of the GBR EE */ }; struct aspa_provider { @@ -362,7 +362,7 @@ struct aspa { size_t providersz; /* number of providers */ time_t signtime; /* CMS signing-time attribute */ time_t notbefore; /* EE cert's Not Before */ - time_t expires; /* NotAfter of the ASPA EE cert */ + time_t notafter; /* notAfter of the ASPA EE cert */ }; /* @@ -426,8 +426,8 @@ struct crl { RB_ENTRY(crl) entry; char *aki; X509_CRL *x509_crl; - time_t issued; /* do not use before */ - time_t expires; /* do not use after */ + time_t lastupdate; /* do not use before */ + time_t nextupdate; /* do not use after */ }; /* * Tree of CRLs sorted by uri @@ -814,7 +814,7 @@ int x509_get_aki(X509 *, const char *, char **); int x509_get_sia(X509 *, const char *, char **); int x509_get_ski(X509 *, const char *, char **); int x509_get_notbefore(X509 *, const char *, time_t *); -int x509_get_expire(X509 *, const char *, time_t *); +int x509_get_notafter(X509 *, const char *, time_t *); int x509_get_crl(X509 *, const char *, char **); char *x509_crl_get_aki(X509_CRL *, const char *); char *x509_get_pubkey(X509 *, const char *); diff --git a/usr.sbin/rpki-client/gbr.c b/usr.sbin/rpki-client/gbr.c index 9b1e1b699c4..4ba4ff8851a 100644 --- a/usr.sbin/rpki-client/gbr.c +++ b/usr.sbin/rpki-client/gbr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gbr.c,v 1.24 2023/03/10 12:02:11 job Exp $ */ +/* $OpenBSD: gbr.c,v 1.25 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2020 Claudio Jeker * @@ -78,7 +78,7 @@ gbr_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) if (!x509_get_notbefore(*x509, fn, &p.res->notbefore)) goto out; - if (!x509_get_expire(*x509, fn, &p.res->expires)) + if (!x509_get_notafter(*x509, fn, &p.res->notafter)) goto out; if (!x509_inherits(*x509)) { diff --git a/usr.sbin/rpki-client/geofeed.c b/usr.sbin/rpki-client/geofeed.c index 87aed15af2a..5e874550062 100644 --- a/usr.sbin/rpki-client/geofeed.c +++ b/usr.sbin/rpki-client/geofeed.c @@ -1,4 +1,4 @@ -/* $OpenBSD: geofeed.c,v 1.12 2023/03/10 12:02:11 job Exp $ */ +/* $OpenBSD: geofeed.c,v 1.13 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2022 Job Snijders * Copyright (c) 2019 Kristaps Dzonsons @@ -249,7 +249,7 @@ geofeed_parse(X509 **x509, const char *fn, char *buf, size_t len) if (!x509_get_notbefore(*x509, fn, &p.res->notbefore)) goto out; - if (!x509_get_expire(*x509, fn, &p.res->expires)) + if (!x509_get_notafter(*x509, fn, &p.res->notafter)) goto out; if ((cert = cert_parse_ee_cert(fn, *x509)) == NULL) diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c index 68f3d920f15..a38be796aa3 100644 --- a/usr.sbin/rpki-client/parser.c +++ b/usr.sbin/rpki-client/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.86 2023/02/23 13:06:42 tb Exp $ */ +/* $OpenBSD: parser.c,v 1.87 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2019 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -152,16 +152,16 @@ proc_parser_roa(char *file, const unsigned char *der, size_t len) /* * Check CRL to figure out the soonest transitive expiry moment */ - if (crl != NULL && roa->expires > crl->expires) - roa->expires = crl->expires; + if (crl != NULL && roa->notafter > crl->nextupdate) + roa->notafter = crl->nextupdate; /* * Scan the cert tree to figure out the soonest transitive * expiry moment */ for (; a != NULL; a = a->parent) { - if (roa->expires > a->cert->expires) - roa->expires = a->cert->expires; + if (roa->notafter > a->cert->notafter) + roa->notafter = a->cert->notafter; } return roa; @@ -541,12 +541,12 @@ proc_parser_aspa(char *file, const unsigned char *der, size_t len) aspa->talid = a->cert->talid; - if (crl != NULL && aspa->expires > crl->expires) - aspa->expires = crl->expires; + if (crl != NULL && aspa->notafter > crl->nextupdate) + aspa->notafter = crl->nextupdate; for (; a != NULL; a = a->parent) { - if (aspa->expires > a->cert->expires) - aspa->expires = a->cert->expires; + if (aspa->notafter > a->cert->notafter) + aspa->notafter = a->cert->notafter; } return aspa; diff --git a/usr.sbin/rpki-client/print.c b/usr.sbin/rpki-client/print.c index ad5901cb4cd..78aa44d9313 100644 --- a/usr.sbin/rpki-client/print.c +++ b/usr.sbin/rpki-client/print.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print.c,v 1.30 2023/03/10 12:02:11 job Exp $ */ +/* $OpenBSD: print.c,v 1.31 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2021 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -183,7 +183,7 @@ cert_print(const struct cert *p) if (p->pubkey != NULL) printf("\t\"router_key\": \"%s\",\n", p->pubkey); printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore); - printf("\t\"valid_until\": %lld,\n", (long long)p->expires); + printf("\t\"valid_until\": %lld,\n", (long long)p->notafter); printf("\t\"subordinate_resources\": [\n"); } else { printf("Subject key identifier: %s\n", pretty_key_id(p->ski)); @@ -205,12 +205,12 @@ cert_print(const struct cert *p) printf("Router key valid since: %s\n", time2str(p->notbefore)); printf("Router key valid until: %s\n", - time2str(p->expires)); + time2str(p->notafter)); } else { printf("Certificate valid since: %s\n", time2str(p->notbefore)); printf("Certificate valid until: %s\n", - time2str(p->expires)); + time2str(p->notafter)); } printf("Subordinate resources: "); } @@ -336,12 +336,14 @@ crl_print(const struct crl *p) ASN1_INTEGER_free(crlnum); if (outformats & FORMAT_JSON) { - printf("\t\"valid_since\": %lld,\n", (long long)p->issued); - printf("\t\"valid_until\": %lld,\n", (long long)p->expires); + printf("\t\"valid_since\": %lld,\n", (long long)p->lastupdate); + printf("\t\"valid_until\": %lld,\n", (long long)p->nextupdate); printf("\t\"revoked_certs\": [\n"); } else { - printf("CRL valid since: %s\n", time2str(p->issued)); - printf("CRL valid until: %s\n", time2str(p->expires)); + printf("CRL valid since: %s\n", + time2str(p->lastupdate)); + printf("CRL valid until: %s\n", + time2str(p->nextupdate)); printf("Revoked Certificates:\n"); } @@ -450,7 +452,7 @@ roa_print(const X509 *x, const struct roa *p) printf("\t\"signing_time\": %lld,\n", (long long)p->signtime); printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore); - printf("\t\"valid_until\": %lld,\n", (long long)p->expires); + printf("\t\"valid_until\": %lld,\n", (long long)p->notafter); } else { printf("Subject key identifier: %s\n", pretty_key_id(p->ski)); x509_print(x); @@ -462,7 +464,7 @@ roa_print(const X509 *x, const struct roa *p) time2str(p->signtime)); printf("ROA valid since: %s\n", time2str(p->notbefore)); - printf("ROA valid until: %s\n", time2str(p->expires)); + printf("ROA valid until: %s\n", time2str(p->notafter)); printf("asID: %u\n", p->asid); printf("IP address blocks: "); } @@ -508,7 +510,7 @@ gbr_print(const X509 *x, const struct gbr *p) printf("\t\"signing_time\": %lld,\n", (long long)p->signtime); printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore); - printf("\t\"valid_until\": %lld,\n", (long long)p->expires); + printf("\t\"valid_until\": %lld,\n", (long long)p->notafter); printf("\t\"vcard\": \""); for (i = 0; i < strlen(p->vcard); i++) { if (p->vcard[i] == '"') @@ -532,7 +534,7 @@ gbr_print(const X509 *x, const struct gbr *p) time2str(p->signtime)); printf("GBR valid since: %s\n", time2str(p->notbefore)); - printf("GBR valid until: %s\n", time2str(p->expires)); + printf("GBR valid until: %s\n", time2str(p->notafter)); printf("vcard:\n%s", p->vcard); } } @@ -554,7 +556,7 @@ rsc_print(const X509 *x, const struct rsc *p) printf("\t\"signing_time\": %lld,\n", (long long)p->signtime); printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore); - printf("\t\"valid_until\": %lld,\n", (long long)p->expires); + printf("\t\"valid_until\": %lld,\n", (long long)p->notafter); printf("\t\"signed_with_resources\": [\n"); } else { printf("Subject key identifier: %s\n", pretty_key_id(p->ski)); @@ -566,7 +568,7 @@ rsc_print(const X509 *x, const struct rsc *p) time2str(p->signtime)); printf("RSC valid since: %s\n", time2str(p->notbefore)); - printf("RSC valid until: %s\n", time2str(p->expires)); + printf("RSC valid until: %s\n", time2str(p->notafter)); printf("Signed with resources: "); } @@ -689,7 +691,7 @@ aspa_print(const X509 *x, const struct aspa *p) printf("\t\"signing_time\": %lld,\n", (long long)p->signtime); printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore); - printf("\t\"valid_until\": %lld,\n", (long long)p->expires); + printf("\t\"valid_until\": %lld,\n", (long long)p->notafter); printf("\t\"customer_asid\": %u,\n", p->custasid); printf("\t\"provider_set\": [\n"); for (i = 0; i < p->providersz; i++) { @@ -715,7 +717,7 @@ aspa_print(const X509 *x, const struct aspa *p) time2str(p->signtime)); printf("ASPA valid since: %s\n", time2str(p->notbefore)); - printf("ASPA valid until: %s\n", time2str(p->expires)); + printf("ASPA valid until: %s\n", time2str(p->notafter)); printf("Customer AS: %u\n", p->custasid); printf("Provider Set: "); for (i = 0; i < p->providersz; i++) { @@ -803,7 +805,7 @@ tak_print(const X509 *x, const struct tak *p) printf("\t\"signing_time\": %lld,\n", (long long)p->signtime); printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore); - printf("\t\"valid_until\": %lld,\n", (long long)p->expires); + printf("\t\"valid_until\": %lld,\n", (long long)p->notafter); printf("\t\"takeys\": [\n"); } else { printf("Subject key identifier: %s\n", pretty_key_id(p->ski)); @@ -816,7 +818,7 @@ tak_print(const X509 *x, const struct tak *p) time2str(p->signtime)); printf("TAK valid since: %s\n", time2str(p->notbefore)); - printf("TAK valid until: %s\n", time2str(p->expires)); + printf("TAK valid until: %s\n", time2str(p->notafter)); } takey_print("current", p->current); @@ -853,7 +855,7 @@ geofeed_print(const X509 *x, const struct geofeed *p) printf("\t\"signing_time\": %lld,\n", (long long)p->signtime); printf("\t\"valid_since\": %lld,\n", (long long)p->notbefore); - printf("\t\"valid_until\": %lld,\n", (long long)p->expires); + printf("\t\"valid_until\": %lld,\n", (long long)p->notafter); printf("\t\"records\": [\n"); } else { printf("Subject key identifier: %s\n", pretty_key_id(p->ski)); @@ -865,7 +867,7 @@ geofeed_print(const X509 *x, const struct geofeed *p) time2str(p->signtime)); printf("Geofeed valid since: %s\n", time2str(p->notbefore)); - printf("Geofeed valid until: %s\n", time2str(p->expires)); + printf("Geofeed valid until: %s\n", time2str(p->notafter)); printf("Geofeed CSV records:\n"); } diff --git a/usr.sbin/rpki-client/roa.c b/usr.sbin/rpki-client/roa.c index 0c814e99729..d4564ab9918 100644 --- a/usr.sbin/rpki-client/roa.c +++ b/usr.sbin/rpki-client/roa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: roa.c,v 1.62 2023/03/10 12:02:11 job Exp $ */ +/* $OpenBSD: roa.c,v 1.63 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2019 Kristaps Dzonsons @@ -243,7 +243,7 @@ roa_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) if (!x509_get_notbefore(*x509, fn, &p.res->notbefore)) goto out; - if (!x509_get_expire(*x509, fn, &p.res->expires)) + if (!x509_get_notafter(*x509, fn, &p.res->notafter)) goto out; if (!roa_parse_econtent(cms, cmsz, &p)) @@ -310,7 +310,7 @@ roa_buffer(struct ibuf *b, const struct roa *p) io_simple_buffer(b, &p->asid, sizeof(p->asid)); io_simple_buffer(b, &p->talid, sizeof(p->talid)); io_simple_buffer(b, &p->ipsz, sizeof(p->ipsz)); - io_simple_buffer(b, &p->expires, sizeof(p->expires)); + io_simple_buffer(b, &p->notafter, sizeof(p->notafter)); io_simple_buffer(b, p->ips, p->ipsz * sizeof(p->ips[0])); @@ -336,7 +336,7 @@ roa_read(struct ibuf *b) io_read_buf(b, &p->asid, sizeof(p->asid)); io_read_buf(b, &p->talid, sizeof(p->talid)); io_read_buf(b, &p->ipsz, sizeof(p->ipsz)); - io_read_buf(b, &p->expires, sizeof(p->expires)); + io_read_buf(b, &p->notafter, sizeof(p->notafter)); if ((p->ips = calloc(p->ipsz, sizeof(struct roa_ip))) == NULL) err(1, NULL); @@ -373,7 +373,7 @@ roa_insert_vrps(struct vrp_tree *tree, struct roa *roa, struct repo *rp) v->repoid = repo_id(rp); else v->repoid = 0; - v->expires = roa->expires; + v->expires = roa->notafter; /* * Check if a similar VRP already exists in the tree. diff --git a/usr.sbin/rpki-client/rsc.c b/usr.sbin/rpki-client/rsc.c index cd5a17aa1da..a21ff0d6b25 100644 --- a/usr.sbin/rpki-client/rsc.c +++ b/usr.sbin/rpki-client/rsc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsc.c,v 1.22 2023/03/10 12:02:11 job Exp $ */ +/* $OpenBSD: rsc.c,v 1.23 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2022 Job Snijders @@ -407,7 +407,7 @@ rsc_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) if (!x509_get_notbefore(*x509, fn, &p.res->notbefore)) goto out; - if (!x509_get_expire(*x509, fn, &p.res->expires)) + if (!x509_get_notafter(*x509, fn, &p.res->notafter)) goto out; if (X509_get_ext_by_NID(*x509, NID_sinfo_access, -1) != -1) { diff --git a/usr.sbin/rpki-client/tak.c b/usr.sbin/rpki-client/tak.c index 37e3a049d71..961b49fea32 100644 --- a/usr.sbin/rpki-client/tak.c +++ b/usr.sbin/rpki-client/tak.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tak.c,v 1.6 2023/03/10 12:02:11 job Exp $ */ +/* $OpenBSD: tak.c,v 1.7 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2022 Job Snijders * Copyright (c) 2022 Theo Buehler @@ -261,7 +261,7 @@ tak_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) if (!x509_get_notbefore(*x509, fn, &p.res->notbefore)) goto out; - if (!x509_get_expire(*x509, fn, &p.res->expires)) + if (!x509_get_notafter(*x509, fn, &p.res->notafter)) goto out; if (!x509_inherits(*x509)) { diff --git a/usr.sbin/rpki-client/x509.c b/usr.sbin/rpki-client/x509.c index d4930c8a9bc..24a01f8baee 100644 --- a/usr.sbin/rpki-client/x509.c +++ b/usr.sbin/rpki-client/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.67 2023/03/10 12:02:11 job Exp $ */ +/* $OpenBSD: x509.c,v 1.68 2023/03/10 12:44:56 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2021 Claudio Jeker @@ -506,10 +506,10 @@ x509_get_notbefore(X509 *x, const char *fn, time_t *tt) } /* - * Extract the expire time (not-after) of a certificate. + * Extract the notAfter from a certificate. */ int -x509_get_expire(X509 *x, const char *fn, time_t *tt) +x509_get_notafter(X509 *x, const char *fn, time_t *tt) { const ASN1_TIME *at; -- 2.20.1