From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Fri, 17 Feb 2017 10:26:33 +0000 (+0100)
Subject: _gnutls_x509_generalTime2gtime: refuse to parse fractional seconds
X-Git-Tag: gnutls_3_6_0~1002
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8bcd6b8bf1acbd4fd9ae16a91a453b052e809f6d;p=thirdparty%2Fgnutls.git

_gnutls_x509_generalTime2gtime: refuse to parse fractional seconds

Fractional seconds in GeneralizedTime are prohibited by RFC5280.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---

diff --git a/lib/x509/time.c b/lib/x509/time.c
index 5ae6be01ee..39f47a85f3 100644
--- a/lib/x509/time.c
+++ b/lib/x509/time.c
@@ -207,8 +207,13 @@ time_t _gnutls_x509_generalTime2gtime(const char *ttime)
 
 	if (strchr(ttime, 'Z') == 0) {
 		gnutls_assert();
-		/* sorry we don't support it yet
-		 */
+		/* required to be in GMT */
+		return (time_t) - 1;
+	}
+
+	if (strchr(ttime, '.') != 0) {
+		gnutls_assert();
+		/* no fractional seconds allowed */
 		return (time_t) - 1;
 	}
 	xx[4] = 0;