Skip to content

Fix regression in ASN1_UTCTIME_cmp_time_t#218

Closed
zenazn wants to merge 1 commit intoopenssl:masterfrom
zenazn:cmp_time
Closed

Fix regression in ASN1_UTCTIME_cmp_time_t#218
zenazn wants to merge 1 commit intoopenssl:masterfrom
zenazn:cmp_time

Conversation

@zenazn
Copy link
Contributor

@zenazn zenazn commented Jan 31, 2015

Previously, ASN1_UTCTIME_cmp_time_t would return 1 if s > t, -1 if
s < t, and 0 if s == t.

This behavior was broken in a refactor (904348a), resulting in the opposite
time comparison behavior.

@zenazn
Fix regression in ASN1_UTCTIME_cmp_time_t
724df7b 
Previously, ASN1_UTCTIME_cmp_time_t would return 1 if s > t, -1 if
s < t, and 0 if s == t.

This behavior was broken in a refactor [0], resulting in the opposite
time comparison behavior.

[0]: 904348a
@malemburg
Copy link

malemburg commented Feb 2, 2015

I can confirm the bug and the fix.

We found the same problem in pyOpenSSL after switching from 1.0.1l to 1.0.2. The behavior is exactly reversed in 1.0.2 causing certificates to be detected as expired when in fact they are not and vice-versa.

@zenazn
Copy link
Contributor Author

zenazn commented Feb 23, 2015

This is being tracked as issue 3706 on the openssl RT.

http://www.mail-archive.com/openssl-dev@openssl.org/msg38201.html

@zenazn
Copy link
Contributor Author

zenazn commented Mar 15, 2015

This got fixed in da27006

@zenazn zenazn closed this Mar 15, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@zenazn @malemburg