Startsida Utforska Hjälp
Registrera dig Logga in
chenxixian
/
ovpm
spegling av https://github.com/cad/ovpm.git
1
0
Fork 0
Filer Ärenden 0 Wiki
Bläddra i källkod

refactor(pki): ensure consistent cert validation date/times, ensure validation date/times in UTC

Mustafa Arici 8 år sedan
förälder
64c285906e
incheckning
b04d51d49d
2 ändrade filer med 8 tillägg och 7 borttagningar
Delad Vy Visa Diff Statistik
  1. 5 5
      bindata/bindata.go
  2. 3 2
      pki/pki.go

+ 5 - 5
bindata/bindata.go
Visa fil 

@@ -87,7 +87,7 @@ func templateCcdFileTmpl() (*asset, error) {
 
 		return nil, err
 
 	}
 
 
-	info := bindataFileInfo{name: "template/ccd.file.tmpl", size: 74, mode: os.FileMode(420), modTime: time.Unix(1501822328, 0)}
 
+	info := bindataFileInfo{name: "template/ccd.file.tmpl", size: 74, mode: os.FileMode(436), modTime: time.Unix(1500555693, 0)}
 
 	a := &asset{bytes: bytes, info: info}
 
 	return a, nil
 
 }
 
@@ -107,7 +107,7 @@ func templateClientOvpnTmpl() (*asset, error) {
 
 		return nil, err
 
 	}
 
 
-	info := bindataFileInfo{name: "template/client.ovpn.tmpl", size: 306, mode: os.FileMode(420), modTime: time.Unix(1502656204, 0)}
 
+	info := bindataFileInfo{name: "template/client.ovpn.tmpl", size: 306, mode: os.FileMode(436), modTime: time.Unix(1502657766, 0)}
 
 	a := &asset{bytes: bytes, info: info}
 
 	return a, nil
 
 }
 
@@ -127,7 +127,7 @@ func templateDh4096PemTmpl() (*asset, error) {
 
 		return nil, err
 
 	}
 
 
-	info := bindataFileInfo{name: "template/dh4096.pem.tmpl", size: 1468, mode: os.FileMode(420), modTime: time.Unix(1501822328, 0)}
 
+	info := bindataFileInfo{name: "template/dh4096.pem.tmpl", size: 1468, mode: os.FileMode(436), modTime: time.Unix(1500555693, 0)}
 
 	a := &asset{bytes: bytes, info: info}
 
 	return a, nil
 
 }
 
@@ -147,7 +147,7 @@ func templateIptablesTmpl() (*asset, error) {
 
 		return nil, err
 
 	}
 
 
-	info := bindataFileInfo{name: "template/iptables.tmpl", size: 0, mode: os.FileMode(420), modTime: time.Unix(1501822328, 0)}
 
+	info := bindataFileInfo{name: "template/iptables.tmpl", size: 0, mode: os.FileMode(436), modTime: time.Unix(1500555693, 0)}
 
 	a := &asset{bytes: bytes, info: info}
 
 	return a, nil
 
 }
 
@@ -167,7 +167,7 @@ func templateServerConfTmpl() (*asset, error) {
 
 		return nil, err
 
 	}
 
 
-	info := bindataFileInfo{name: "template/server.conf.tmpl", size: 9585, mode: os.FileMode(420), modTime: time.Unix(1502173553, 0)}
 
+	info := bindataFileInfo{name: "template/server.conf.tmpl", size: 9585, mode: os.FileMode(436), modTime: time.Unix(1502270416, 0)}
 
 	a := &asset{bytes: bytes, info: info}
 
 	return a, nil
 
 }

+ 3 - 2
pki/pki.go
Visa fil 

@@ -156,9 +156,10 @@ func newCert(ca *CA, server bool, cn string) (*CertHolder, error) {
 
 		return nil, err
 
 	}
 
 
+	now := time.Now()
 
 	tml := x509.Certificate{
 
-		NotBefore:    time.Now(),
 
-		NotAfter:     time.Now().AddDate(5, 0, 0),
 
+		NotBefore:    now.Add(-10 * time.Minute).UTC(),
 
+		NotAfter:     now.Add(time.Duration(24*365) * time.Hour).UTC(),
 
 		SerialNumber: serial,
 
 		Subject: pkix.Name{
 
 			CommonName:   cn,