aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorlloyd <[email protected]>2008-04-10 05:05:42 +0000
committerlloyd <[email protected]>2008-04-10 05:05:42 +0000
commitfc01b5a4bb338c892a928c869e31bb58bf4dd319 (patch)
tree952062f53a44c9f60a8d3114e865d32cafd2e305 /src
parent23df73a03249341a569a97a39081769b4f8f174b (diff)
Add a second argument to X509_Cert_Options, which replaces
the configuration value default_expire Remove signing_offset as well - it is only used for setting the default time of a X509_Cert_Options: not worth the cost of a global variable.
Diffstat (limited to 'src')
-rw-r--r--src/policy.cpp2
-rw-r--r--src/x509opt.cpp14
2 files changed, 5 insertions, 11 deletions
diff --git a/src/policy.cpp b/src/policy.cpp
index 7ef8241d8..ac81f43b0 100644
--- a/src/policy.cpp
+++ b/src/policy.cpp
@@ -241,8 +241,6 @@ void set_default_config(Config& config)
config.set_option("x509/ca/allow_ca", "false");
config.set_option("x509/ca/basic_constraints", "always");
- config.set_option("x509/ca/default_expire", "1y");
- config.set_option("x509/ca/signing_offset", "30s");
config.set_option("x509/ca/rsa_hash", "SHA-1");
config.set_option("x509/ca/str_type", "latin1");
diff --git a/src/x509opt.cpp b/src/x509opt.cpp
index edaaa1437..36b82de00 100644
--- a/src/x509opt.cpp
+++ b/src/x509opt.cpp
@@ -77,21 +77,17 @@ void X509_Cert_Options::sanity_check() const
/*************************************************
* Initialize the certificate options *
*************************************************/
-X509_Cert_Options::X509_Cert_Options(const std::string& initial_opts)
+X509_Cert_Options::X509_Cert_Options(const std::string& initial_opts,
+ u32bit expiration_time_in_seconds)
{
- const u32bit DEFAULT_EXPIRE =
- global_config().option_as_time("x509/ca/default_expire");
- const u32bit OFFSET_FROM_NOW =
- global_config().option_as_time("x509/ca/signing_offset");
-
is_CA = false;
path_limit = 0;
constraints = NO_CONSTRAINTS;
- const u64bit current_time = system_time();
+ const u32bit now = system_time();
- start = X509_Time(current_time - OFFSET_FROM_NOW);
- end = X509_Time(current_time - OFFSET_FROM_NOW + DEFAULT_EXPIRE);
+ start = X509_Time(now);
+ end = X509_Time(now + expiration_time_in_seconds);
if(initial_opts == "")
return;