As of now, we store the last mtime for the CRL file in a timespec
object. However we store seconds only and we ignore the subsecond
field (this came into being because not all platforms have nanoseconds
precision in timespec).
Given the above, we can safely replace the timespec object with a
simple time_t.
Reported-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20170316082117.21020-1-a@unstable.cc>
URL: http://www.mail-archive.com/search?l=mid&q=20170316082117.21020-1-a@unstable.cc
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit f3705dd1e711ee9f8546b841e4b18e9e9a224975)
... | ... |
@@ -571,12 +571,12 @@ tls_ctx_reload_crl(struct tls_root_ctx *ssl_ctx, const char *crl_file, |
571 | 571 |
* Note: Windows does not support tv_nsec. |
572 | 572 |
*/ |
573 | 573 |
if ((ssl_ctx->crl_last_size == crl_stat.st_size) |
574 |
- && (ssl_ctx->crl_last_mtime.tv_sec == crl_stat.st_mtime)) |
|
574 |
+ && (ssl_ctx->crl_last_mtime == crl_stat.st_mtime)) |
|
575 | 575 |
{ |
576 | 576 |
return; |
577 | 577 |
} |
578 | 578 |
|
579 |
- ssl_ctx->crl_last_mtime.tv_sec = crl_stat.st_mtime; |
|
579 |
+ ssl_ctx->crl_last_mtime = crl_stat.st_mtime; |
|
580 | 580 |
ssl_ctx->crl_last_size = crl_stat.st_size; |
581 | 581 |
backend_tls_ctx_reload_crl(ssl_ctx, crl_file, crl_file_inline); |
582 | 582 |
} |
... | ... |
@@ -74,7 +74,7 @@ struct tls_root_ctx { |
74 | 74 |
mbedtls_x509_crt *ca_chain; /**< CA chain for remote verification */ |
75 | 75 |
mbedtls_pk_context *priv_key; /**< Local private key */ |
76 | 76 |
mbedtls_x509_crl *crl; /**< Certificate Revocation List */ |
77 |
- struct timespec crl_last_mtime; /**< CRL last modification time */ |
|
77 |
+ time_t crl_last_mtime; /**< CRL last modification time */ |
|
78 | 78 |
off_t crl_last_size; /**< size of last loaded CRL */ |
79 | 79 |
#if defined(ENABLE_PKCS11) |
80 | 80 |
mbedtls_pkcs11_context *priv_key_pkcs11; /**< PKCS11 private key */ |