[gnutls-dev] Re: Bug#140609: mutt/gnutls improperly evaluates certificat

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[gnutls-dev] Re: Bug#140609: mutt/gnutls improperly evaluates certificat

From:	Andrew McDonald
Subject:	[gnutls-dev] Re: Bug#140609: mutt/gnutls improperly evaluates certificate lifetimes
Date:	Wed Apr 3 23:42:01 2002
User-agent:	Mutt/1.3.28i

reassign 140609 gnutls
thanks
(bcc'ed to control)

On Wed, Apr 03, 2002 at 09:48:50PM +0100, Andrew McDonald wrote:
[after Paul found this problem, my own testing gave:]
> 
> A certificate that openssl shows as created at: 
> Apr  3 20:04:52 2002 GMT
> is shown by mutt's certificate display to be created at:
> Wed, 3 Apr 2002 19:04:00
> (UTC is hard coded and tacked on on the assumption that it is)
> 
> Actually, being BST here now (since Sunday) it was created at 21:04
> local time.

[see http://bugs.debian.org/140609 for previous messages]

This is a gnutls bug.

In lib/x509_verify.c in _gnutls_utcTime2gtime() and
_gnutls_generalTime2gtime() a call is made to mktime().
mktime() takes the time in local time not UTC.

Note to Nikos: this bug was seen in 0.3.5 but also exists in current
CVS

It isn't immediately obvious to me how to fix this. I don't think there
is a GMT/UTC equivalent of mktime().


Andrew
-- 
Andrew McDonald
E-mail: address@hidden
http://www.mcdonald.org.uk/andrew/

pgpviOydrXBx1.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[gnutls-dev] Re: Bug#140609: mutt/gnutls improperly evaluates certificate lifetimes, Andrew McDonald <=

Prev by Date: [gnutls-dev] gnutls 0.4.0
Next by Date: [gnutls-dev] gnutls 0.4.1
Previous by thread: [gnutls-dev] gnutls 0.4.0
Next by thread: [gnutls-dev] gnutls 0.4.1
Index(es):
- Date
- Thread