From 6d391f77051cc485f09600a00ff3d129f9736a35 Mon Sep 17 00:00:00 2001 From: Michael R Sweet Date: Thu, 14 Nov 2019 15:34:34 -0500 Subject: [PATCH] Don't generate certificates that expire on Feb 29th (Issue #5643) --- CHANGES.md | 2 ++ cups/tls-sspi.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/CHANGES.md b/CHANGES.md index 720da4bb6..485a2b614 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -9,6 +9,8 @@ Changes in CUPS v2.3.1 - Fixed a crash bug in the web interface (Issue #5621) - PPD files containing "custom" option keywords did not work (Issue #5639) - Added a workaround for the scheduler's systemd support (Issue #5640) +- On Windows, TLS certificates generated on February 29 would likely fail + (Issue #5643) - Added a DigestOptions directive for the `client.conf` file to control whether MD5-based Digest authentication is allowed (Issue #5647) - Fixed a bug in the handling of printer resource files (Issue #5652) diff --git a/cups/tls-sspi.c b/cups/tls-sspi.c index 6e3c03b9e..ccbdf8aaf 100644 --- a/cups/tls-sspi.c +++ b/cups/tls-sspi.c @@ -1967,6 +1967,8 @@ http_sspi_make_credentials( GetSystemTime(&et); et.wYear += years; + if (et.wMonth == 2 && et.wDay == 29) + et.wDay = 28; /* Avoid Feb 29th due to leap years */ ZeroMemory(&exts, sizeof(exts)); -- 2.39.2