MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking

The current choice of lifetime for the autogenerated X.509 of 100 years,
putting the validTo date in 2112, causes problems on 32-bit systems where a
32-bit time_t wraps in 2106.  64-bit x86_64 systems seem to be unaffected.

This can result in something like:

	Loading module verification certificates
	X.509: Cert 6e03943da0f3b015ba6ed7f5e0cac4fe48680994 has expired
	MODSIGN: Problem loading in-kernel X.509 certificate (-127)

Or:

	X.509: Cert 6e03943da0f3b015ba6ed7f5e0cac4fe48680994 is not yet valid
	MODSIGN: Problem loading in-kernel X.509 certificate (-129)

Instead of turning the dates into time_t values and comparing, turn the system
clock and the ASN.1 dates into tm structs and compare those piecemeal instead.

Reported-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Josh Boyer <jwboyer@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

1 files changed, 2 insertions, 2 deletions

diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h
index 635053f7e962..f86dc5fcc4ad 100644
--- a/crypto/asymmetric_keys/x509_parser.h
+++ b/crypto/asymmetric_keys/x509_parser.h
@@ -18,8 +18,8 @@ struct x509_certificate {
         char            *subject;               /* Name of certificate subject */
         char            *fingerprint;           /* Key fingerprint as hex */
         char            *authority;             /* Authority key fingerprint as hex */
-        time_t          valid_from;
-        time_t          valid_to;
+        struct tm       valid_from;
+        struct tm       valid_to;
         enum pkey_algo  pkey_algo : 8;          /* Public key algorithm */
         enum pkey_algo  sig_pkey_algo : 8;      /* Signature public key algorithm */
         enum pkey_hash_algo sig_hash_algo : 8;  /* Signature hash algorithm */