kentpeacock / rpms / openssh

Forked from rpms/openssh 2 years ago
Clone
770374
diff -U0 openssh-6.4p1/ChangeLog.ssh-keygen-V openssh-6.4p1/ChangeLog
770374
--- openssh-6.4p1/ChangeLog.ssh-keygen-V	2014-01-28 11:07:41.374758458 +0100
770374
+++ openssh-6.4p1/ChangeLog	2014-01-28 11:14:38.172631130 +0100
770374
@@ -0,0 +1,7 @@
770374
+20131023
770374
+   - djm@cvs.openbsd.org 2013/10/23 04:16:22
770374
+     [ssh-keygen.c]
770374
+     Make code match documentation: relative-specified certificate expiry time
770374
+     should be relative to current time and not the validity start time.
770374
+     Reported by Petr Lautrbach; ok deraadt@
770374
+
770374
diff -up openssh-6.4p1/ssh-keygen.c.ssh-keygen-V openssh-6.4p1/ssh-keygen.c
770374
--- openssh-6.4p1/ssh-keygen.c.ssh-keygen-V	2014-01-28 11:07:41.365758505 +0100
770374
+++ openssh-6.4p1/ssh-keygen.c	2014-01-28 11:07:41.375758453 +0100
770374
@@ -1747,7 +1747,7 @@ parse_cert_times(char *timespec)
770374
 		cert_valid_from = parse_absolute_time(from);
770374
 
770374
 	if (*to == '-' || *to == '+')
770374
-		cert_valid_to = parse_relative_time(to, cert_valid_from);
770374
+		cert_valid_to = parse_relative_time(to, now);
770374
 	else
770374
 		cert_valid_to = parse_absolute_time(to);
770374