Re: [openssl-dev] X509_cmp_time (possible) bug

Correct, But if one want’s strcmp()’s behavior (i.e. 0 is equality), ASN1_TIME_cmp_time_t() will work (and was written because X509_cmp_time() couldn’t be changed without breaking other things). -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea,

Re: [openssl-dev] X509_cmp_time (possible) bug

On Mon 2017-09-11 14:16:11 +, Short, Todd via openssl-dev wrote: > Yes, it’s annoying, but it’s historic. I looked into changing this at one > point. I think Dimitry's point was that the documentation doesn't match the implementation because of the flexibility of strcmp's defined return

Re: [openssl-dev] X509_cmp_time (possible) bug

Yes, it’s annoying, but it’s historic. I looked into changing this at one point. I recommend using ASN1_TIME_cmp_time_t() (from the master branch) instead, for the results you are expecting. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if

[openssl-dev] X509_cmp_time (possible) bug

Hello, The X509_cmp_time function is documented as returning -1 or 1 on success and 0 on error. In fact it returns result of strcmp: int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time) { ... i = strcmp(buff1, buff2); if (i == 0) /* wait a second then return younger