- Fix text around serial arithmatic used for RRSIG times to refer

  to correct RFC number.

diff --git a/doc/Changelog b/doc/Changelog
index 560e22ca3debc27de5ff66a47ad9af7c38c6fa09..0bca5d9ef720ede09433dddd7ddd8bdb991b5eb3 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,6 +1,8 @@
 3 December 2019: Wouter
        - Merge pull request #124 from rmetrich: Changed log lock
          from 'quick' to 'basic' because this is an I/O lock.
+       - Fix text around serial arithmatic used for RRSIG times to refer
+         to correct RFC number.
 
 2 December 2019: Wouter
        - Merge pull request #122 from he32: In tcp_callback_writer(),

diff --git a/validator/val_sigcrypt.c b/validator/val_sigcrypt.c
index cfa3eadcf6a0f9639519193c61d8440a18ddf8e1..33d206de8d7f2560c21282e386a993cae321bf6d 100644 (file)
--- a/validator/val_sigcrypt.c
+++ b/validator/val_sigcrypt.c
@@ -1225,11 +1225,11 @@ sigdate_error(const char* str, int32_t expi, int32_t incep, int32_t now)
                        (unsigned)incep, (unsigned)now);
 }
 
-/** RFC 1918 comparison, uses unsigned integers, and tries to avoid
+/** RFC 1982 comparison, uses unsigned integers, and tries to avoid
  * compiler optimization (eg. by avoiding a-b<0 comparisons),
  * this routine matches compare_serial(), for SOA serial number checks */
 static int
-compare_1918(uint32_t a, uint32_t b)
+compare_1982(uint32_t a, uint32_t b)
 {
        /* for 32 bit values */
         const uint32_t cutoff = ((uint32_t) 1 << (32 - 1));
@@ -1244,9 +1244,9 @@ compare_1918(uint32_t a, uint32_t b)
 }
 
 /** if we know that b is larger than a, return the difference between them,
- * that is the distance between them. in RFC1918 arith */
+ * that is the distance between them. in RFC1982 arith */
 static uint32_t
-subtract_1918(uint32_t a, uint32_t b)
+subtract_1982(uint32_t a, uint32_t b)
 {
        /* for 32 bit values */
         const uint32_t cutoff = ((uint32_t) 1 << (32 - 1));
@@ -1286,18 +1286,18 @@ check_dates(struct val_env* ve, uint32_t unow,
        } else  now = unow;
 
        /* check them */
-       if(compare_1918(incep, expi) > 0) {
+       if(compare_1982(incep, expi) > 0) {
                sigdate_error("verify: inception after expiration, "
                        "signature bad", expi, incep, now);
                *reason = "signature inception after expiration";
                return 0;
        }
-       if(compare_1918(incep, now) > 0) {
+       if(compare_1982(incep, now) > 0) {
                /* within skew ? (calc here to avoid calculation normally) */
-               uint32_t skew = subtract_1918(incep, expi)/10;
+               uint32_t skew = subtract_1982(incep, expi)/10;
                if(skew < (uint32_t)ve->skew_min) skew = ve->skew_min;
                if(skew > (uint32_t)ve->skew_max) skew = ve->skew_max;
-               if(subtract_1918(now, incep) > skew) {
+               if(subtract_1982(now, incep) > skew) {
                        sigdate_error("verify: signature bad, current time is"
                                " before inception date", expi, incep, now);
                        *reason = "signature before inception date";
@@ -1306,11 +1306,11 @@ check_dates(struct val_env* ve, uint32_t unow,
                sigdate_error("verify warning suspicious signature inception "
                        " or bad local clock", expi, incep, now);
        }
-       if(compare_1918(now, expi) > 0) {
-               uint32_t skew = subtract_1918(incep, expi)/10;
+       if(compare_1982(now, expi) > 0) {
+               uint32_t skew = subtract_1982(incep, expi)/10;
                if(skew < (uint32_t)ve->skew_min) skew = ve->skew_min;
                if(skew > (uint32_t)ve->skew_max) skew = ve->skew_max;
-               if(subtract_1918(expi, now) > skew) {
+               if(subtract_1982(expi, now) > skew) {
                        sigdate_error("verify: signature expired", expi, 
                                incep, now);
                        *reason = "signature expired";