Have added new capabilities to Glacier to adjust the issued time to allow

for a certain 'grace' period for clients whose clocks are off. This is Glacier.Starter.Certificate.IssuedAdjust.
author: Anthony Neal <aneal@zeroc.com> 2002-07-17 19:47:30 +0000
committer: Anthony Neal <aneal@zeroc.com> 2002-07-17 19:47:30 +0000
commit: 5f05821a9aed2607b82ae40a0964ab86252a0b78 (patch)
tree: acb63fae4434b822099045fc5e689e90e01ffb5d /cpp/src/IceSSL/RSACertificateGen.cpp
parent: Use IceStorm service (diff)
download: ice-5f05821a9aed2607b82ae40a0964ab86252a0b78.tar.bz2
ice-5f05821a9aed2607b82ae40a0964ab86252a0b78.tar.xz
ice-5f05821a9aed2607b82ae40a0964ab86252a0b78.zip
1 files changed, 15 insertions, 2 deletions
diff --git a/cpp/src/IceSSL/RSACertificateGen.cpp b/cpp/src/IceSSL/RSACertificateGen.cpp
index 5a596b71e97..a0a21d33cad 100644
--- a/cpp/src/IceSSL/RSACertificateGen.cpp
+++ b/cpp/src/IceSSL/RSACertificateGen.cpp
@@ -56,7 +56,8 @@ IceSSL::OpenSSL::RSACertificateGenContext::yearsToSeconds(long years)
 
 IceSSL::OpenSSL::RSACertificateGenContext::RSACertificateGenContext() :
                                           _modulusLength(0),
-                                          _secondsValid(0)
+                                          _secondsValid(0),
+                                          _issuedAdjustment(0)
 {
 }
 
@@ -112,6 +113,12 @@ IceSSL::OpenSSL::RSACertificateGenContext::setSecondsValid(long secondsValid)
     _secondsValid = secondsValid;
 }
 
+void
+IceSSL::OpenSSL::RSACertificateGenContext::setIssuedAdjustment(long issuedAdjustment)
+{
+    _issuedAdjustment = issuedAdjustment;
+}
+
 unsigned char*
 IceSSL::OpenSSL::RSACertificateGenContext::getCountry() const
 {
@@ -184,6 +191,12 @@ IceSSL::OpenSSL::RSACertificateGenContext::getSecondsValid() const
     return _secondsValid;
 }
 
+long
+IceSSL::OpenSSL::RSACertificateGenContext::getIssuedAdjustment() const
+{
+    return _issuedAdjustment;
+}
+
 IceSSL::OpenSSL::RSACertificateGen::RSACertificateGen()
 {
     ERR_load_crypto_strings();
@@ -233,7 +246,7 @@ IceSSL::OpenSSL::RSACertificateGen::generate(const RSACertificateGenContext& con
     struct X509_name_st* subjectName = X509_REQ_get_subject_name(signingRequest);
 
     // Set valid time period.
-    X509_gmtime_adj(X509_get_notBefore(x509SelfSigned), 0);
+    X509_gmtime_adj(X509_get_notBefore(x509SelfSigned), context.getIssuedAdjustment());
     X509_gmtime_adj(X509_get_notAfter(x509SelfSigned), context.getSecondsValid());
 
     // Set up subject/issuer Distinguished Name (DN).
author	Anthony Neal <aneal@zeroc.com>	2002-07-17 19:47:30 +0000
committer	Anthony Neal <aneal@zeroc.com>	2002-07-17 19:47:30 +0000
commit	5f05821a9aed2607b82ae40a0964ab86252a0b78 (patch)
tree	acb63fae4434b822099045fc5e689e90e01ffb5d /cpp/src/IceSSL/RSACertificateGen.cpp
parent	Use IceStorm service (diff)
download	ice-5f05821a9aed2607b82ae40a0964ab86252a0b78.tar.bz2 ice-5f05821a9aed2607b82ae40a0964ab86252a0b78.tar.xz ice-5f05821a9aed2607b82ae40a0964ab86252a0b78.zip