Avoid duplicated code.

The certificate and CRL time setting functions used similar code,
combine into a single utility function.

Reviewed-by: Rich Salz <rsalz@openssl.org>

diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h
index 3d0b0bde03415d514b89ad86a96c1f6c19effeba..2845026dd82f0b028bbabaa5912c6094b9099e7c 100644 (file)
--- a/crypto/include/internal/x509_int.h
+++ b/crypto/include/internal/x509_int.h
@@ -264,3 +264,4 @@ struct x509_object_st {
 };
 
 int a2i_ipadd(unsigned char *ipout, const char *ipasc);
+int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm);

diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
index dfcecb15c24bf44bbd901bbb1fc9385915876ce9..3cebf6ef3b380491a4e66eebc285687edf29ae33 100644 (file)
--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c
@@ -57,38 +57,32 @@ int X509_set_subject_name(X509 *x, X509_NAME *name)
     return (X509_NAME_set(&x->cert_info.subject, name));
 }
 
-int X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
+int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm)
 {
     ASN1_TIME *in;
-
-    if (x == NULL)
-        return (0);
-    in = x->cert_info.validity.notBefore;
+    in = *ptm;
     if (in != tm) {
         in = ASN1_STRING_dup(tm);
         if (in != NULL) {
-            ASN1_TIME_free(x->cert_info.validity.notBefore);
-            x->cert_info.validity.notBefore = in;
+            ASN1_TIME_free(*ptm);
+            *ptm = in;
         }
     }
     return (in != NULL);
 }
 
-int X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
+int X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
 {
-    ASN1_TIME *in;
+    if (x == NULL)
+        return 0;
+    return x509_set1_time(&x->cert_info.validity.notBefore, tm);
+}
 
+int X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
+{
     if (x == NULL)
-        return (0);
-    in = x->cert_info.validity.notAfter;
-    if (in != tm) {
-        in = ASN1_STRING_dup(tm);
-        if (in != NULL) {
-            ASN1_TIME_free(x->cert_info.validity.notAfter);
-            x->cert_info.validity.notAfter = in;
-        }
-    }
-    return (in != NULL);
+        return 0;
+    return x509_set1_time(&x->cert_info.validity.notAfter, tm);
 }
 
 int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)

diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index fedb2c58e6ca5d66ee593ae4067ceecfaa339a6f..681c43812a93b514e28b73cc51198440a097aed7 100644 (file)
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c
@@ -35,36 +35,16 @@ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
 
 int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
 {
-    ASN1_TIME *in;
-
     if (x == NULL)
-        return (0);
-    in = x->crl.lastUpdate;
-    if (in != tm) {
-        in = ASN1_STRING_dup(tm);
-        if (in != NULL) {
-            ASN1_TIME_free(x->crl.lastUpdate);
-            x->crl.lastUpdate = in;
-        }
-    }
-    return (in != NULL);
+        return 0;
+    return x509_set1_time(&x->crl.lastUpdate, tm);
 }
 
 int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
 {
-    ASN1_TIME *in;
-
     if (x == NULL)
-        return (0);
-    in = x->crl.nextUpdate;
-    if (in != tm) {
-        in = ASN1_STRING_dup(tm);
-        if (in != NULL) {
-            ASN1_TIME_free(x->crl.nextUpdate);
-            x->crl.nextUpdate = in;
-        }
-    }
-    return (in != NULL);
+        return 0;
+    return x509_set1_time(&x->crl.nextUpdate, tm);
 }
 
 int X509_CRL_sort(X509_CRL *c)