Annotation of embedaddon/strongswan/src/libcharon/plugins/systime_fix/systime_fix_validator.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2013 Martin Willi
3: * Copyright (C) 2013 revosec AG
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: #include "systime_fix_validator.h"
17:
18: #include <errno.h>
19: #include <time.h>
20:
21: #include <daemon.h>
22:
23: typedef struct private_systime_fix_validator_t private_systime_fix_validator_t;
24:
25: /**
26: * Private data of an systime_fix_validator_t object.
27: */
28: struct private_systime_fix_validator_t {
29:
30: /**
31: * Public systime_fix_validator_t interface.
32: */
33: systime_fix_validator_t public;
34:
35: /**
36: * Timestamp where we start to consider system time valid
37: */
38: time_t threshold;
39: };
40:
41: METHOD(cert_validator_t, check_lifetime, status_t,
42: private_systime_fix_validator_t *this, certificate_t *cert,
43: int pathlen, bool anchor, auth_cfg_t *auth)
44: {
45: if (time(NULL) < this->threshold)
46: {
47: /* our system time seems to be invalid, accept certificate */
48: if (pathlen)
49: { /* report only once per validated chain */
50: DBG1(DBG_CFG, "system time out of sync, skipping certificate "
51: "lifetime check");
52: }
53: return SUCCESS;
54: }
55: /* validate this certificate normally */
56: return NEED_MORE;
57: }
58:
59: METHOD(systime_fix_validator_t, destroy, void,
60: private_systime_fix_validator_t *this)
61: {
62: free(this);
63: }
64:
65: /**
66: * See header
67: */
68: systime_fix_validator_t *systime_fix_validator_create(time_t threshold)
69: {
70: private_systime_fix_validator_t *this;
71:
72: INIT(this,
73: .public = {
74: .validator = {
75: .check_lifetime = _check_lifetime,
76: },
77: .destroy = _destroy,
78: },
79: .threshold = threshold,
80: );
81:
82: return &this->public;
83: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to systime_fix_validator.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / plugins / systime_fix