Why don't we just dump all the hand-calculations of validity and let OpenSSL do the work? E.g.,
bool IsValid() {
now = time(NULL)
int day, sec;
if (1 != ASN1_TIME_diff(&day, &sec, cert_expiry_time, NULL)) { return false; } // Error...
return (day > 0 || sec > 0);
}
I don't see much value in hand-calculating timezone and DST offsets (which, quite obviously, have some bug somewhere) when there's an OpenSSL API function to do precisely this.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1