summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCarl Hetherington <cth@carlh.net>2022-02-12 16:18:18 +0100
committerCarl Hetherington <cth@carlh.net>2022-02-12 16:18:18 +0100
commitd6bf14897e544761e1a58b6d41f261d446afa5c9 (patch)
treebc12615b76526086d6177caf2c8c60b3b3783d7c
parentcee7cd1b4ed024f58487b6dd9fe9d9c838238c19 (diff)
Return to 10-year certificate validity (#2174).
Diffstat
-rw-r--r--cscript4
-rw-r--r--src/lib/config.cc1
-rw-r--r--src/lib/util.h2
-rw-r--r--src/wx/config_dialog.cc1
-rw-r--r--test/import_dcp_test.cc2
-rw-r--r--test/util_test.cc1
-rw-r--r--test/vf_kdm_test.cc2
7 files changed, 9 insertions, 4 deletions
diff --git a/cscript b/cscript
index e30d9d72e..5c17de099 100644
--- a/cscript
+++ b/cscript
@@ -391,8 +391,8 @@ def dependencies(target):
# Use distro-provided FFmpeg on Arch
deps = []
- deps.append(('libdcp', 'v1.6.18'))
- deps.append(('libsub', 'v1.4.25'))
+ deps.append(('libdcp', 'v1.6.19'))
+ deps.append(('libsub', 'v1.4.26'))
deps.append(('rtaudio-cdist', 'bf0fc23'))
return deps
diff --git a/src/lib/config.cc b/src/lib/config.cc
index a4dea7fd1..9b0cc5f97 100644
--- a/src/lib/config.cc
+++ b/src/lib/config.cc
@@ -210,6 +210,7 @@ Config::create_certificate_chain ()
return shared_ptr<dcp::CertificateChain> (
new dcp::CertificateChain (
openssl_path(),
+ CERTIFICATE_VALIDITY_PERIOD,
"dcpomatic.com",
"dcpomatic.com",
".dcpomatic.smpte-430-2.ROOT",
diff --git a/src/lib/util.h b/src/lib/util.h
index a011da335..933618d6c 100644
--- a/src/lib/util.h
+++ b/src/lib/util.h
@@ -63,6 +63,8 @@ namespace dcp {
#define CLOSED_CAPTION_LINES 3
/** Maximum line length of closed caption viewers */
#define CLOSED_CAPTION_LENGTH 30
+/** Validity period of certificate chains (in days) */
+#define CERTIFICATE_VALIDITY_PERIOD (10 * 365)
extern std::string program_name;
extern bool is_batch_converter;
diff --git a/src/wx/config_dialog.cc b/src/wx/config_dialog.cc
index f6fb3c948..a057c2e82 100644
--- a/src/wx/config_dialog.cc
+++ b/src/wx/config_dialog.cc
@@ -699,6 +699,7 @@ CertificateChainEditor::remake_certificates ()
shared_ptr<dcp::CertificateChain> (
new dcp::CertificateChain (
openssl_path (),
+ CERTIFICATE_VALIDITY_PERIOD,
d->organisation (),
d->organisational_unit (),
d->root_common_name (),
diff --git a/test/import_dcp_test.cc b/test/import_dcp_test.cc
index 71689f613..8b0b605a2 100644
--- a/test/import_dcp_test.cc
+++ b/test/import_dcp_test.cc
@@ -62,7 +62,7 @@ BOOST_AUTO_TEST_CASE (import_dcp_test)
dcp::DCP A_dcp ("build/test/import_dcp_test/" + A->dcp_name());
A_dcp.read ();
- Config::instance()->set_decryption_chain (shared_ptr<dcp::CertificateChain> (new dcp::CertificateChain (openssl_path ())));
+ Config::instance()->set_decryption_chain (shared_ptr<dcp::CertificateChain> (new dcp::CertificateChain (openssl_path (), CERTIFICATE_VALIDITY_PERIOD)));
dcp::EncryptedKDM kdm = A->make_kdm (
Config::instance()->decryption_chain()->leaf (),
diff --git a/test/util_test.cc b/test/util_test.cc
index 9b2fa989c..931e2bc15 100644
--- a/test/util_test.cc
+++ b/test/util_test.cc
@@ -108,6 +108,7 @@ BOOST_AUTO_TEST_CASE (swaroop_chain_test)
shared_ptr<dcp::CertificateChain> cc (
new dcp::CertificateChain (
openssl_path(),
+ CERTIFICATE_VALIDITY_PERIOD,
"dcpomatic.com",
"dcpomatic.com",
".dcpomatic.smpte-430-2.ROOT",
diff --git a/test/vf_kdm_test.cc b/test/vf_kdm_test.cc
index a28ea5b7e..071adcdb8 100644
--- a/test/vf_kdm_test.cc
+++ b/test/vf_kdm_test.cc
@@ -60,7 +60,7 @@ BOOST_AUTO_TEST_CASE (vf_kdm_test)
dcp::DCP A_dcp ("build/test/vf_kdm_test_ov/" + A->dcp_name());
A_dcp.read ();
- Config::instance()->set_decryption_chain (shared_ptr<dcp::CertificateChain> (new dcp::CertificateChain (openssl_path ())));
+ Config::instance()->set_decryption_chain (shared_ptr<dcp::CertificateChain> (new dcp::CertificateChain (openssl_path (), CERTIFICATE_VALIDITY_PERIOD)));
dcp::EncryptedKDM A_kdm = A->make_kdm (
Config::instance()->decryption_chain()->leaf (),
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-05 19:04:50 +0000