From ccb08f98aea68cbafee75c6602768a85d1e29b7f Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Sat, 10 Feb 2001 00:56:45 +0000
Subject: [PATCH] Fix CRL printing to correctly show when there are no revoked
 certificates.

Make ca.c correctly initialize the revocation date.

Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() set the
string type: so they can initialize ASN1_TIME structures properly.
---
 CHANGES               | 5 +++++
 apps/ca.c             | 7 +++----
 crypto/asn1/a_gentm.c | 1 +
 crypto/asn1/a_utctm.c | 1 +
 crypto/asn1/t_crl.c   | 2 +-
 5 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/CHANGES b/CHANGES
index 227de87b1e..0325df3e82 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,11 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string()
+     set string type: to handle setting ASN1_TIME structures. Fix ca
+     utility to correctly initialize revocation date of CRLs.
+     [Steve Henson]
+
   *) New option SSL_OP_CIPHER_SERVER_PREFERENCE allows the server to override
      the clients preferred ciphersuites and rather use its own preferences.
      Should help to work around M$ SGC (Server Gated Cryptography) bug in
diff --git a/apps/ca.c b/apps/ca.c
index 567ef4777c..b84e842bc0 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1379,10 +1379,9 @@ bad:
 			if (pp[DB_type][0] == DB_TYPE_REV)
 				{
 				if ((r=X509_REVOKED_new()) == NULL) goto err;
-				ASN1_STRING_set((ASN1_STRING *)
-					r->revocationDate,
-					(unsigned char *)pp[DB_rev_date],
-					strlen(pp[DB_rev_date]));
+				if (!ASN1_UTCTIME_set_string(r->revocationDate,
+					pp[DB_rev_date]))
+						goto err;
 				/* strcpy(r->revocationDate,pp[DB_rev_date]);*/
 
 				(void)BIO_reset(hex);
diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index d71c190c77..f884b25f96 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -180,6 +180,7 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str)
 			{
 			ASN1_STRING_set((ASN1_STRING *)s,
 				(unsigned char *)str,t.length);
+			s->type=V_ASN1_GENERALIZEDTIME;
 			}
 		return(1);
 		}
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index 6ddeaff0ec..7cb646429a 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -179,6 +179,7 @@ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str)
 			{
 			ASN1_STRING_set((ASN1_STRING *)s,
 				(unsigned char *)str,t.length);
+			s->type = V_ASN1_UTCTIME;
 			}
 		return(1);
 		}
diff --git a/crypto/asn1/t_crl.c b/crypto/asn1/t_crl.c
index f7b938bde2..ab9cd8fcff 100644
--- a/crypto/asn1/t_crl.c
+++ b/crypto/asn1/t_crl.c
@@ -112,7 +112,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
 
 	rev = X509_CRL_get_REVOKED(x);
 
-	if(sk_X509_REVOKED_num(rev))
+	if(sk_X509_REVOKED_num(rev) > 0)
 	    BIO_printf(out, "Revoked Certificates:\n");
 	else BIO_printf(out, "No Revoked Certificates.\n");
 
-- 
GitLab