diff options
| author | Carl Hetherington <cth@carlh.net> | 2022-02-12 22:53:14 +0100 |
|---|---|---|
| committer | Carl Hetherington <cth@carlh.net> | 2022-02-12 23:15:20 +0100 |
| commit | 9bda3fda70912d73266a2dbac5470ca23d2ff6fd (patch) | |
| tree | bf4efad1536b3a8851fc3a7cf91514ba24b4fe1e | |
| parent | 94e5ee4943069d839f6b0b8081704d130cd9ec5c (diff) | |
Go back to 10-year certificate validity periods (#2174).
| -rw-r--r-- | cscript | 4 | ||||
| -rw-r--r-- | src/lib/config.cc | 1 | ||||
| -rw-r--r-- | src/lib/util.h | 1 | ||||
| -rw-r--r-- | src/wx/config_dialog.cc | 1 | ||||
| -rw-r--r-- | test/import_dcp_test.cc | 3 | ||||
| -rw-r--r-- | test/vf_kdm_test.cc | 2 |
6 files changed, 7 insertions, 5 deletions
@@ -432,8 +432,8 @@ def dependencies(target, options): # Use distro-provided FFmpeg on Arch deps = [] - deps.append(('libdcp', 'v1.8.6')) - deps.append(('libsub', 'v1.6.6')) + deps.append(('libdcp', 'v1.8.7')) + deps.append(('libsub', 'v1.6.7')) deps.append(('leqm-nrt', '93ae9e6')) deps.append(('rtaudio', 'f619b76')) # We get our OpenSSL libraries from the environment, but we diff --git a/src/lib/config.cc b/src/lib/config.cc index 0d70c16fc..abf0eb42b 100644 --- a/src/lib/config.cc +++ b/src/lib/config.cc @@ -204,6 +204,7 @@ Config::create_certificate_chain () { return make_shared<dcp::CertificateChain> ( openssl_path(), + CERTIFICATE_VALIDITY_PERIOD, "dcpomatic.com", "dcpomatic.com", ".dcpomatic.smpte-430-2.ROOT", diff --git a/src/lib/util.h b/src/lib/util.h index 10c5678ff..cbf4b491b 100644 --- a/src/lib/util.h +++ b/src/lib/util.h @@ -78,6 +78,7 @@ namespace dcp { /** Maximum size of the XML part of a closed caption file, according to SMPTE Bv2.1 */ #define MAX_CLOSED_CAPTION_XML_SIZE (256 * 1024) #define MAX_CLOSED_CAPTION_XML_SIZE_TEXT "256KB" +#define CERTIFICATE_VALIDITY_PERIOD (10 * 365) extern std::string program_name; extern bool is_batch_converter; diff --git a/src/wx/config_dialog.cc b/src/wx/config_dialog.cc index 514a6cde6..c5879d3bb 100644 --- a/src/wx/config_dialog.cc +++ b/src/wx/config_dialog.cc @@ -583,6 +583,7 @@ CertificateChainEditor::remake_certificates () _set ( make_shared<dcp::CertificateChain> ( openssl_path (), + CERTIFICATE_VALIDITY_PERIOD, d->organisation (), d->organisational_unit (), d->root_common_name (), diff --git a/test/import_dcp_test.cc b/test/import_dcp_test.cc index 46deea539..cfac511b3 100644 --- a/test/import_dcp_test.cc +++ b/test/import_dcp_test.cc @@ -72,9 +72,8 @@ BOOST_AUTO_TEST_CASE (import_dcp_test) dcp::DCP A_dcp ("build/test/import_dcp_test/" + A->dcp_name()); A_dcp.read (); - Config::instance()->set_decryption_chain (make_shared<dcp::CertificateChain>(openssl_path())); + Config::instance()->set_decryption_chain (make_shared<dcp::CertificateChain>(openssl_path(), CERTIFICATE_VALIDITY_PERIOD)); - /* Dear future-carl: I suck! I thought you wouldn't still be running these tests in 2030! Sorry! */ auto kdm = A->make_kdm ( Config::instance()->decryption_chain()->leaf (), vector<string>(), diff --git a/test/vf_kdm_test.cc b/test/vf_kdm_test.cc index 5248ee798..ff7c07b73 100644 --- a/test/vf_kdm_test.cc +++ b/test/vf_kdm_test.cc @@ -66,7 +66,7 @@ BOOST_AUTO_TEST_CASE (vf_kdm_test) dcp::DCP A_dcp ("build/test/vf_kdm_test_ov/" + A->dcp_name()); A_dcp.read (); - Config::instance()->set_decryption_chain (make_shared<dcp::CertificateChain>(openssl_path())); + Config::instance()->set_decryption_chain (make_shared<dcp::CertificateChain>(openssl_path(), CERTIFICATE_VALIDITY_PERIOD)); auto A_kdm = A->make_kdm ( Config::instance()->decryption_chain()->leaf(), |