Back out redundant verification time change.

9a436c0f · Ben Laurie · 7fd5df6b · 9a436c0f · 9a436c0f
显示空白变更内容
内联并排

Showing with 4 addition and 32 deletion

CHANGES CHANGES +0 -3

apps/verify.c apps/verify.c +4 -29

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -472,9 +472,6 @@
  *) Add SRP support.
     [Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]
-  *) Add -attime option to openssl verify.
-     [Peter Eckersley <pde@eff.org> and Ben Laurie]
  *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
     [Steve Henson]

--- a/apps/verify.c
+++ b/apps/verify.c
@@ -72,7 +72,7 @@
 static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
 static int check(X509_STORE *ctx, char *file,
 		STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
-		STACK_OF(X509_CRL) *crls, ENGINE *e, time_t at_time);
+		STACK_OF(X509_CRL) *crls, ENGINE *e);
 static int v_verbose=0, vflags = 0;
 int MAIN(int, char **);
@@ -83,9 +83,6 @@ int MAIN(int argc, char **argv)
 	int i,ret=1, badarg = 0;
 	char *CApath=NULL,*CAfile=NULL;
 	char *untfile = NULL, *trustfile = NULL, *crlfile = NULL;
-	char *checktime_string = NULL;
-	long int timestamp;
-	time_t t = 0;
 	STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
 	STACK_OF(X509_CRL) *crls = NULL;
 	X509_STORE *cert_ctx=NULL;
@@ -148,11 +145,6 @@ int MAIN(int argc, char **argv)
 				if (argc-- < 1) goto end;
 				crlfile= *(++argv);
 				}
-			else if (strcmp(*argv,"-attime") == 0)
-				{
-				if (argc-- < 1) goto end;
-				checktime_string= *(++argv);
-				}
 #ifndef OPENSSL_NO_ENGINE
 			else if (strcmp(*argv,"-engine") == 0)
 				{
@@ -230,28 +222,14 @@ int MAIN(int argc, char **argv)
 			goto end;
 		}
-	if(checktime_string)
+	if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, crls, e);
-		{
-		/* interpret the -attime argument as seconds since Epoch */
-		if (sscanf(checktime_string, "%li", &timestamp) != 1)
-			{
-			BIO_printf(bio_err, "Error parsing timestamp %s\n",
-					   checktime_string);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		t = (time_t) timestamp;  /* on some platforms time_t may be a float */
-		}
-	if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, crls, e, t);
 	else
 		for (i=0; i<argc; i++)
-			check(cert_ctx,argv[i], untrusted, trusted, crls, e, t);
+			check(cert_ctx,argv[i], untrusted, trusted, crls, e);
 	ret=0;
 end:
 	if (ret == 1) {
 		BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
-		BIO_printf(bio_err," [-attime timestamp]");
 #ifndef OPENSSL_NO_ENGINE
 		BIO_printf(bio_err," [-engine e]");
 #endif
@@ -288,7 +266,7 @@ end:
 static int check(X509_STORE *ctx, char *file,
 		STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
-		STACK_OF(X509_CRL) *crls, ENGINE *e, time_t at_time)
+		STACK_OF(X509_CRL) *crls, ENGINE *e)
 	{
 	X509 *x=NULL;
 	int i=0,ret=0;
@@ -314,9 +292,6 @@ static int check(X509_STORE *ctx, char *file,
 	if(tchain) X509_STORE_CTX_trusted_stack(csc, tchain);
 	if (crls)
 		X509_STORE_CTX_set0_crls(csc, crls);
-	if (at_time) 
-		X509_STORE_CTX_set_time(csc, 0, at_time);
 	i=X509_verify_cert(csc);
 	X509_STORE_CTX_free(csc);