[or-cvs] fix a bug in handling clock skew
Roger Dingledine
arma at seul.org
Tue Nov 11 04:08:33 UTC 2003
Update of /home/or/cvsroot/src/common
In directory moria.mit.edu:/home2/arma/work/onion/dev/src/common
Modified Files:
tortls.c
Log Message:
fix a bug in handling clock skew
Index: tortls.c
===================================================================
RCS file: /home/or/cvsroot/src/common/tortls.c,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -d -r1.30 -r1.31
--- tortls.c 23 Oct 2003 14:27:53 -0000 1.30
+++ tortls.c 11 Nov 2003 04:08:30 -0000 1.31
@@ -518,12 +518,12 @@
return NULL;
now = time(NULL);
- t = now - CERT_ALLOW_SKEW;
+ t = now + CERT_ALLOW_SKEW;
if (X509_cmp_time(X509_get_notBefore(cert), &t) > 0) {
log_fn(LOG_WARN,"Certificate becomes valid in the future: possible clock skew.");
goto done;
}
- t = now + CERT_ALLOW_SKEW;
+ t = now - CERT_ALLOW_SKEW;
if (X509_cmp_time(X509_get_notAfter(cert), &t) < 0) {
log_fn(LOG_WARN,"Certificate already expired; possible clock skew.");
goto done;
More information about the tor-commits
mailing list