* Completed remaining SSL fixes. Works in Moz, aIEeee, Konq; self-signed

author Art Cancro <ajc@citadel.org>

Wed, 21 Apr 2004 03:43:39 +0000 (03:43 +0000)

committer Art Cancro <ajc@citadel.org>

Wed, 21 Apr 2004 03:43:39 +0000 (03:43 +0000)
author Art Cancro <ajc@citadel.org>
Wed, 21 Apr 2004 03:43:39 +0000 (03:43 +0000)
committer Art Cancro <ajc@citadel.org>
Wed, 21 Apr 2004 03:43:39 +0000 (03:43 +0000)
diff --git a/webcit/ChangeLog b/webcit/ChangeLog

index 77baa8633369c5731676388bb11b38a6e5ed3061..684084e92c0165f83358bb0eaaee677d6e9cee15 100644 (file)
--- a/webcit/ChangeLog
+++ b/webcit/ChangeLog
@@ -1,4 +1,8 @@
  $Log$
+Revision 506.10  2004/04/21 03:43:39  ajc
+* Completed remaining SSL fixes.  Works in Moz, aIEeee, Konq; self-signed
+  certs are also no longer invalid.
+
  Revision 506.9  2004/04/21 02:25:13  ajc
  * Replaced ctdl_install_certificate() with convenience functions found
    in the OpenSSL library.
@@ -1790,4 +1794,3 @@ Sun Dec  6 19:50:55 EST 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
  
  1998-12-03 Nathan Bryant <bryant@cs.usm.maine.edu>
         * webserver.c: warning fix
-
diff --git a/webcit/crypto.c b/webcit/crypto.c

index 85bcb3b109169b6bfb01f8800af2377b0313329e..d74c6b17dfcfc8821651572f1592e51d47dc3abe 100644 (file)
--- a/webcit/crypto.c
+++ b/webcit/crypto.c
@@ -277,10 +277,12 @@ void init_ssl(void)
                         if (req) {
                                 if (cer = X509_new(), cer != NULL) {
  
+                                       ASN1_INTEGER_set(X509_get_serialNumber(cer), 0);
                                         X509_set_issuer_name(cer, req->req_info->subject);
                                         X509_set_subject_name(cer, req->req_info->subject);
-                                       X509_gmtime_adj(X509_get_notBefore(cer),0);
+                                       X509_gmtime_adj(X509_get_notBefore(cer), 0);
                                         X509_gmtime_adj(X509_get_notAfter(cer),(long)60*60*24*SIGN_DAYS);
+
                                         req_pkey = X509_REQ_get_pubkey(req);
                                         X509_set_pubkey(cer, req_pkey);
                                         EVP_PKEY_free(req_pkey);
author	Art Cancro <ajc@citadel.org>
	Wed, 21 Apr 2004 03:43:39 +0000 (03:43 +0000)
committer	Art Cancro <ajc@citadel.org>
	Wed, 21 Apr 2004 03:43:39 +0000 (03:43 +0000)
webcit/ChangeLog		patch \| blob \| history
webcit/crypto.c		patch \| blob \| history