Have time check come after root certificate check

Thinking is that if the *CA* certificate is the certificate signing the server, then they can say whatever they want. Given the propensity of firmware clocks to be off, this seems like a reasonably comfortable compromise.
2024-11-24 18:40:12 +00:00 · 2014-03-07 16:15:29 -05:00 · 2014-03-07 16:15:29 -05:00 · 6962fae86e
commit 6962fae86e
parent ab7d5e8983
2 changed files with 8 additions and 8 deletions
--- a/src/config/general.h
+++ b/src/config/general.h
@ -111,12 +111,12 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #undef	AUTOBOOT_CMD		/* Automatic booting */
 #define	NVO_CMD			/* Non-volatile option storage commands */
 #undef	CONFIG_CMD		/* Option configuration console */
-#undef	IFMGMT_CMD		/* Interface management commands */
+#define	IFMGMT_CMD		/* Interface management commands */
 #undef	IWMGMT_CMD		/* Wireless interface management commands */
 #undef FCMGMT_CMD		/* Fibre Channel management commands */
-#undef	ROUTE_CMD		/* Routing table management commands */
+#define	ROUTE_CMD		/* Routing table management commands */
 #define IMAGE_CMD		/* Image management commands */
-#undef DHCP_CMD		/* DHCP management commands */
+#define DHCP_CMD		/* DHCP management commands */
 #define SANBOOT_CMD		/* SAN boot commands */
 #undef MENU_CMD		/* Menu commands */
 #undef LOGIN_CMD		/* Login command */
@ -125,7 +125,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #undef	LOTEST_CMD		/* Loopback testing commands */
 #undef	VLAN_CMD		/* VLAN commands */
 #undef	PXE_CMD			/* PXE commands */
-#undef	REBOOT_CMD		/* Reboot command */
+#define	REBOOT_CMD		/* Reboot command */
 #define IMAGE_TRUST_CMD	/* Image trust management commands */
 #undef  SYNC_CMD		/* Sync command */
 #undef  NSLOOKUP_CMD		/* DNS resolving command */
--- a/src/crypto/x509.c
+++ b/src/crypto/x509.c
@ -1310,10 +1310,6 @@ int x509_validate ( struct x509_certificate *cert,
 	if ( cert->valid )
 		return 0;

-	/* Fail if certificate is invalid at specified time */
-	if ( ( rc = x509_check_time ( cert, time ) ) != 0 )
-		return rc;
-
 	/* Succeed if certificate is a trusted root certificate */
 	if ( x509_check_root ( cert, root ) == 0 ) {
 		cert->valid = 1;
@ -1321,6 +1317,10 @@ int x509_validate ( struct x509_certificate *cert,
 		return 0;
 	}

+	/* Fail if certificate is invalid at specified time */
+	if ( ( rc = x509_check_time ( cert, time ) ) != 0 )
+		return rc;
+
 	/* Fail unless we have an issuer */
 	if ( ! issuer ) {
 		DBGC2 ( cert, "X509 %p \"%s\" has no issuer\n",