Annotation of embedaddon/strongswan/src/libcharon/plugins/systime_fix/systime_fix_validator.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2013 Martin Willi
! 3: * Copyright (C) 2013 revosec AG
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: #include "systime_fix_validator.h"
! 17:
! 18: #include <errno.h>
! 19: #include <time.h>
! 20:
! 21: #include <daemon.h>
! 22:
! 23: typedef struct private_systime_fix_validator_t private_systime_fix_validator_t;
! 24:
! 25: /**
! 26: * Private data of an systime_fix_validator_t object.
! 27: */
! 28: struct private_systime_fix_validator_t {
! 29:
! 30: /**
! 31: * Public systime_fix_validator_t interface.
! 32: */
! 33: systime_fix_validator_t public;
! 34:
! 35: /**
! 36: * Timestamp where we start to consider system time valid
! 37: */
! 38: time_t threshold;
! 39: };
! 40:
! 41: METHOD(cert_validator_t, check_lifetime, status_t,
! 42: private_systime_fix_validator_t *this, certificate_t *cert,
! 43: int pathlen, bool anchor, auth_cfg_t *auth)
! 44: {
! 45: if (time(NULL) < this->threshold)
! 46: {
! 47: /* our system time seems to be invalid, accept certificate */
! 48: if (pathlen)
! 49: { /* report only once per validated chain */
! 50: DBG1(DBG_CFG, "system time out of sync, skipping certificate "
! 51: "lifetime check");
! 52: }
! 53: return SUCCESS;
! 54: }
! 55: /* validate this certificate normally */
! 56: return NEED_MORE;
! 57: }
! 58:
! 59: METHOD(systime_fix_validator_t, destroy, void,
! 60: private_systime_fix_validator_t *this)
! 61: {
! 62: free(this);
! 63: }
! 64:
! 65: /**
! 66: * See header
! 67: */
! 68: systime_fix_validator_t *systime_fix_validator_create(time_t threshold)
! 69: {
! 70: private_systime_fix_validator_t *this;
! 71:
! 72: INIT(this,
! 73: .public = {
! 74: .validator = {
! 75: .check_lifetime = _check_lifetime,
! 76: },
! 77: .destroy = _destroy,
! 78: },
! 79: .threshold = threshold,
! 80: );
! 81:
! 82: return &this->public;
! 83: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to systime_fix_validator.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / plugins / systime_fix