Dr Stephen Henson wrote:
>
> Heiko Nardmann wrote:
> >
> > Hi!
> >
> > I am using SSLeay-0.9.0b for a project.
> > Now I found that decoding an X.509 certificate
> > does not work since the decoding of the Validity
> > field assumes UTCTime to be used although the standard
> > says UTCTime OR GeneralizedTime.
> >
> > Is there a simple way to say accept both alternatives
> > of the ASN.1 CHOICE?
> >
> > Or: is there a patch which fixes this bug?
> >
>
> GeneralizedTime isn't supported at all in SSLeay-0.9.0b or in OpenSSL
> 0.9.1c.
>
> I have added support for GeneralizedTime in the current CVS tree and
> support for the Time CHOICE type.
>
> I've called this ASN1_TIME and there are various functions that
> (hoepefully) handle things appropriately.
>
> I've also fixed the X509 certificate and CRL code so it now accepts Time
> instead of just UTCTime.
>
> Steve.
So is there a patch available to just change my 0.9.0b distribution
to include those enhancements? Or could you send me the changed files?
Since you say that the current OpenSSL release does not contain
these fixes I cannot use this one.
Other question: can OpenSSL easily be used as an replacement for SSLeay
using it with apache and mod_ssl?
--
Ciao ... Heiko Nardmann (Dipl.-Ing.)
Software Development, secunet (www.secunet.de)
Security Networks GmbH, Weidenauer Str. 223-225, D-57076 Siegen
Tel. : +49 271 48950-13 Fax : +49 271 48950-50
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
