diff options
author | lloyd <[email protected]> | 2008-04-10 05:05:42 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2008-04-10 05:05:42 +0000 |
commit | fc01b5a4bb338c892a928c869e31bb58bf4dd319 (patch) | |
tree | 952062f53a44c9f60a8d3114e865d32cafd2e305 /src | |
parent | 23df73a03249341a569a97a39081769b4f8f174b (diff) |
Add a second argument to X509_Cert_Options, which replaces
the configuration value default_expire
Remove signing_offset as well - it is only used for setting the
default time of a X509_Cert_Options: not worth the cost of a global
variable.
Diffstat (limited to 'src')
-rw-r--r-- | src/policy.cpp | 2 | ||||
-rw-r--r-- | src/x509opt.cpp | 14 |
2 files changed, 5 insertions, 11 deletions
diff --git a/src/policy.cpp b/src/policy.cpp index 7ef8241d8..ac81f43b0 100644 --- a/src/policy.cpp +++ b/src/policy.cpp @@ -241,8 +241,6 @@ void set_default_config(Config& config) config.set_option("x509/ca/allow_ca", "false"); config.set_option("x509/ca/basic_constraints", "always"); - config.set_option("x509/ca/default_expire", "1y"); - config.set_option("x509/ca/signing_offset", "30s"); config.set_option("x509/ca/rsa_hash", "SHA-1"); config.set_option("x509/ca/str_type", "latin1"); diff --git a/src/x509opt.cpp b/src/x509opt.cpp index edaaa1437..36b82de00 100644 --- a/src/x509opt.cpp +++ b/src/x509opt.cpp @@ -77,21 +77,17 @@ void X509_Cert_Options::sanity_check() const /************************************************* * Initialize the certificate options * *************************************************/ -X509_Cert_Options::X509_Cert_Options(const std::string& initial_opts) +X509_Cert_Options::X509_Cert_Options(const std::string& initial_opts, + u32bit expiration_time_in_seconds) { - const u32bit DEFAULT_EXPIRE = - global_config().option_as_time("x509/ca/default_expire"); - const u32bit OFFSET_FROM_NOW = - global_config().option_as_time("x509/ca/signing_offset"); - is_CA = false; path_limit = 0; constraints = NO_CONSTRAINTS; - const u64bit current_time = system_time(); + const u32bit now = system_time(); - start = X509_Time(current_time - OFFSET_FROM_NOW); - end = X509_Time(current_time - OFFSET_FROM_NOW + DEFAULT_EXPIRE); + start = X509_Time(now); + end = X509_Time(now + expiration_time_in_seconds); if(initial_opts == "") return; |