diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-12-20 11:19:23 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-12-20 11:19:23 -0500 |
| commit | 748f0abc2d6b1c2da41d269882aabdcf5819b1ab (patch) | |
| tree | 32ddb975444b793361495161155ff913f27d2bdd | |
| parent | 2824413f40e20bb1c02eb6e180208eca203645f3 (diff) | |
| parent | 565ec6100f8cb7e0f688537f7d6861aa03d83bf6 (diff) | |
| download | tor-748f0abc2d6b1c2da41d269882aabdcf5819b1ab.tar.gz tor-748f0abc2d6b1c2da41d269882aabdcf5819b1ab.zip | |
Merge branch 'maint-0.3.2' into release-0.3.2
| -rw-r--r-- | src/common/tortls.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index 197c5e8d3b..9d2d0240a2 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -491,11 +491,14 @@ tor_tls_create_certificate,(crypto_pk_t *rsa, * the past. */ const time_t min_real_lifetime = 24*3600; const time_t start_granularity = 24*3600; - time_t earliest_start_time = now - cert_lifetime + min_real_lifetime - + start_granularity; + time_t earliest_start_time; /* Don't actually start in the future! */ - if (earliest_start_time >= now) + if (cert_lifetime <= min_real_lifetime + start_granularity) { earliest_start_time = now - 1; + } else { + earliest_start_time = now + min_real_lifetime + start_granularity + - cert_lifetime; + } start_time = crypto_rand_time_range(earliest_start_time, now); /* Round the start time back to the start of a day. */ start_time -= start_time % start_granularity; |