X.509: Remove certificate date checks
authorDavid Howells <dhowells@redhat.com>
Tue, 18 Jun 2013 16:40:44 +0000 (17:40 +0100)
committerDavid Howells <dhowells@redhat.com>
Wed, 25 Sep 2013 16:17:01 +0000 (17:17 +0100)
commit124df926090b32a998483f6e43ebeccdbe5b5302
treee9d05eaea4ad42e982e1b46961201dc5d91d8492
parent17334cabc814f8847975cddc0e29291af6093464
X.509: Remove certificate date checks

Remove the certificate date checks that are performed when a certificate is
parsed.  There are two checks: a valid from and a valid to.  The first check is
causing a lot of problems with system clocks that don't keep good time and the
second places an implicit expiry date upon the kernel when used for module
signing, so do we really need them?

Signed-off-by: David Howells <dhowells@redhat.com>
cc: David Woodhouse <dwmw2@infradead.org>
cc: Rusty Russell <rusty@rustcorp.com.au>
cc: Josh Boyer <jwboyer@redhat.com>
cc: Alexander Holler <holler@ahsoftware.de>
cc: stable@vger.kernel.org
crypto/asymmetric_keys/x509_public_key.c