From: Marcel Poul <marcel.poul@cern.ch>
Date: Fri, 17 Aug 2012 00:31:54 +0000 (+0000)
Subject: add MAX_VALIDITY_PERIOD and set maxage to -1 as default value
X-Git-Tag: glite-jobid-api-c_R_2_2_2_1~31
X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=7b54601c95e9993f43bc16cf195d679af0964f67;p=jra1mw.git

add MAX_VALIDITY_PERIOD and set maxage to -1 as default value
---

diff --git a/emi.canl.canl-c/src/proxy/sslutils.c b/emi.canl.canl-c/src/proxy/sslutils.c
index fbbd03a..97955c0 100644
--- a/emi.canl.canl-c/src/proxy/sslutils.c
+++ b/emi.canl.canl-c/src/proxy/sslutils.c
@@ -96,6 +96,8 @@ Description:
 #ifdef USE_PKCS11
 #include "scutils.h"
 #endif
+/* Maximum leeway in validity period: default 5 minutes */
+#define MAX_VALIDITY_PERIOD     (5 * 60)
 
 static int fix_add_entry_asn1_set_param = 0;
 
@@ -2205,6 +2207,8 @@ proxy_verify_callback(
                 c_store = NULL;
             }
         }
+        set_ocsp_skew(ocsp_data, MAX_VALIDITY_PERIOD);
+        set_ocsp_maxage(ocsp_data, -1);
 
         do_ocsp_verify (ocsp_data);
         /* TODO sign key and cert */