From bd1861d6ce49ec764852ffa07f6c6c69ffddb28c Mon Sep 17 00:00:00 2001 From: fengweihao Date: Fri, 26 Jul 2019 13:19:37 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E7=BC=93=E5=AD=98=E6=97=B6?= =?UTF-8?q?=E9=97=B4=E5=88=A4=E6=96=AD=20=E4=BF=AE=E6=94=B9=E7=BC=96?= =?UTF-8?q?=E8=AF=91=E9=94=99=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- platform/src/key_keeper.cpp | 4 ++++ platform/src/ssl_utils.cpp | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/platform/src/key_keeper.cpp b/platform/src/key_keeper.cpp index 3bed45c..f3e0e43 100644 --- a/platform/src/key_keeper.cpp +++ b/platform/src/key_keeper.cpp @@ -484,6 +484,10 @@ struct key_keeper* key_keeper_init(const char * profile, const char* section, vo MESA_load_profile_int_def(profile, section, "cert_expire_time", &(keeper->cert_expire_time), 24); keeper->cert_cache = create_hash_table(keeper->hash_slot_size, keeper->hash_expire_seconds); + if (keeper->cert_expire_time != -1) + { + keeper->hash_expire_seconds = MIN(keeper->cert_expire_time * 1800, (int)(keeper->hash_expire_seconds)); + } if(0==strcmp(keeper->untrusted_ca_path, keeper->trusted_ca_path)) { TFE_LOG_ERROR(logger, "Warnning: Trusted and Untrusted Root CA share the same path %s .", keeper->trusted_ca_path); diff --git a/platform/src/ssl_utils.cpp b/platform/src/ssl_utils.cpp index 97865f8..d84de7b 100644 --- a/platform/src/ssl_utils.cpp +++ b/platform/src/ssl_utils.cpp @@ -691,7 +691,7 @@ X509 * ssl_x509_forge(X509 * cacrt, EVP_PKEY * cakey, X509 * origcrt, EVP_PKEY * else { if(!X509_gmtime_adj(X509_get_notBefore(crt), (long)(0 - cert_expire_time * 1800)) || - !X509_gmtime_adj(X509_get_notAfter(crt), (long)(cert_expire_time * 1800)) + !X509_gmtime_adj(X509_get_notAfter(crt), (long)(cert_expire_time * 1800))) { goto errout; }