- djm@cvs.openbsd.org 2013/10/23 04:16:22

[ssh-keygen.c] Make code match documentation: relative-specified certificate expiry time should be relative to current time and not the validity start time. Reported by Petr Lautrbach; ok deraadt@
author: djm <djm> 2013-10-23 05:31:31 +0000
committer: djm <djm> 2013-10-23 05:31:31 +0000
commit: e76254f1dd4932a4bd85fa2f42f0ffd35926cc0b (patch)
tree: 653d13549d5c1dab86d4a18323e6c75985b735e9 /ssh-keygen.c
parent: 63464a808f9d22c7a8a0fdba2e6a6e7167adf0bb (diff)
download: openssh-e76254f1dd4932a4bd85fa2f42f0ffd35926cc0b.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index b8d55452..b664a5f1 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.234 2013/09/02 22:00:34 deraadt Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.235 2013/10/23 04:16:22 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1743,7 +1743,7 @@ parse_cert_times(char *timespec)
 		cert_valid_from = parse_absolute_time(from);
 
 	if (*to == '-' || *to == '+')
-		cert_valid_to = parse_relative_time(to, cert_valid_from);
+		cert_valid_to = parse_relative_time(to, now);
 	else
 		cert_valid_to = parse_absolute_time(to);
author	djm <djm>	2013-10-23 05:31:31 +0000
committer	djm <djm>	2013-10-23 05:31:31 +0000
commit	e76254f1dd4932a4bd85fa2f42f0ffd35926cc0b (patch)
tree	653d13549d5c1dab86d4a18323e6c75985b735e9 /ssh-keygen.c
parent	63464a808f9d22c7a8a0fdba2e6a6e7167adf0bb (diff)
download	openssh-e76254f1dd4932a4bd85fa2f42f0ffd35926cc0b.tar.gz