session wrapper UPDATE exp time from cert getter

Author: roman

src/session_mbedtls.c

@@ -1883,3 +1883,25 @@ nc_server_tls_set_cipher_suites_wrap(void *tls_cfg, void *cipher_suites)
 {
     mbedtls_ssl_conf_ciphersuites(tls_cfg, cipher_suites);
 }
+
+time_t
+nc_tls_get_cert_exp_time_wrap(void *cert)
+{
+    struct tm t = {0};
+    mbedtls_x509_time *valid_to;
+
+    valid_to = &((mbedtls_x509_crt *)cert)->valid_to;
+
+    t.tm_sec = valid_to->sec;
+    t.tm_min = valid_to->min;
+    t.tm_hour = valid_to->hour;
+
+    t.tm_mday = valid_to->day;
+    t.tm_mon = valid_to->mon - 1;
+    t.tm_year = valid_to->year - 1900;
+
+    /* let system figure out the DST */
+    t.tm_isdst = -1;
+
+    return timegm(&t);
+}

src/session_openssl.c

@@ -1432,3 +1432,20 @@ nc_server_tls_set_cipher_suites_wrap(void *tls_cfg, void *cipher_suites)
     /* set for TLS1.3 */
     SSL_CTX_set_ciphersuites(tls_cfg, cipher_suites);
 }
+
+time_t
+nc_tls_get_cert_exp_time_wrap(void *cert)
+{
+    int r;
+    struct tm t = {0};
+
+    r = ASN1_TIME_to_tm(X509_get0_notAfter(cert), &t);
+    if (!r) {
+        return -1;
+    }
+
+    /* let system figure out the DST */
+    t.tm_isdst = -1;
+
+    return timegm(&t);
+}

src/session_wrapper.h

@@ -724,4 +724,13 @@ int nc_tls_append_cipher_suite_wrap(struct nc_server_tls_opts *opts, const char
  */
 void nc_server_tls_set_cipher_suites_wrap(void *tls_cfg, void *cipher_suites);
 
+/**
+ * @brief Get the certificate's expiration time.
+ *
+ * @param[in] cert Certificate.
+ *
+ * @return Calendar time of the expiration (it is in GMT) or -1 on error.
+ */
+time_t nc_tls_get_cert_exp_time_wrap(void *cert);
+
 #endif