Use UTC to heck certificate validity

commit: 0776a437885cc28671c55862ee8e7631d9919476 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Fri Apr 11 12:25:45 2014 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Fri Apr 11 13:59:31 2014 +0200
tree: 8e1a382d7dce94b776cc615d8b8e9349adb75810
parent: 52c5af7d2d69d48f1c09050c88d353c264653a28 [diff]
diff --git a/ChangeLog b/ChangeLog
index 83f1528..0c18ff7 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -16,6 +16,7 @@
    * x509_crt_info() now prints information about parsed extensions as well
    * pk_verify() now returns a specific error code when the signature is valid
      but shorter than the supplied length.
+   * Use UTC time to check certificate validity.
 
 Security
    * Avoid potential timing leak in ecdsa_sign() by blinding modular division.

diff --git a/library/x509.c b/library/x509.c
index 57de545..54623a0 100644
--- a/library/x509.c
+++ b/library/x509.c

@@ -627,7 +627,7 @@
 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
     SYSTEMTIME st;
 
-    GetLocalTime(&st);
+    GetSystemTime(&st);
 
     now->year = st.wYear;
     now->mon = st.wMonth;
@@ -640,7 +640,7 @@
     time_t tt;
 
     tt = time( NULL );
-    localtime_r( &tt, &lt );
+    gmtime_r( &tt, &lt );
 
     now->year = lt.tm_year + 1900;
     now->mon = lt.tm_mon + 1;
commit	0776a437885cc28671c55862ee8e7631d9919476	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Fri Apr 11 12:25:45 2014 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Fri Apr 11 13:59:31 2014 +0200
tree	8e1a382d7dce94b776cc615d8b8e9349adb75810
parent	52c5af7d2d69d48f1c09050c88d353c264653a28 [diff]