From 9bda3fda70912d73266a2dbac5470ca23d2ff6fd Mon Sep 17 00:00:00 2001 From: Carl Hetherington Date: Sat, 12 Feb 2022 22:53:14 +0100 Subject: [PATCH] Go back to 10-year certificate validity periods (#2174). --- cscript | 4 ++-- src/lib/config.cc | 1 + src/lib/util.h | 1 + src/wx/config_dialog.cc | 1 + test/import_dcp_test.cc | 3 +-- test/vf_kdm_test.cc | 2 +- 6 files changed, 7 insertions(+), 5 deletions(-) diff --git a/cscript b/cscript index 390978de5..d2a9cf8a8 100644 --- a/cscript +++ b/cscript @@ -432,8 +432,8 @@ def dependencies(target, options): # Use distro-provided FFmpeg on Arch deps = [] - deps.append(('libdcp', 'v1.8.6')) - deps.append(('libsub', 'v1.6.6')) + deps.append(('libdcp', 'v1.8.7')) + deps.append(('libsub', 'v1.6.7')) deps.append(('leqm-nrt', '93ae9e6')) deps.append(('rtaudio', 'f619b76')) # We get our OpenSSL libraries from the environment, but we diff --git a/src/lib/config.cc b/src/lib/config.cc index 0d70c16fc..abf0eb42b 100644 --- a/src/lib/config.cc +++ b/src/lib/config.cc @@ -204,6 +204,7 @@ Config::create_certificate_chain () { return make_shared ( openssl_path(), + CERTIFICATE_VALIDITY_PERIOD, "dcpomatic.com", "dcpomatic.com", ".dcpomatic.smpte-430-2.ROOT", diff --git a/src/lib/util.h b/src/lib/util.h index 10c5678ff..cbf4b491b 100644 --- a/src/lib/util.h +++ b/src/lib/util.h @@ -78,6 +78,7 @@ namespace dcp { /** Maximum size of the XML part of a closed caption file, according to SMPTE Bv2.1 */ #define MAX_CLOSED_CAPTION_XML_SIZE (256 * 1024) #define MAX_CLOSED_CAPTION_XML_SIZE_TEXT "256KB" +#define CERTIFICATE_VALIDITY_PERIOD (10 * 365) extern std::string program_name; extern bool is_batch_converter; diff --git a/src/wx/config_dialog.cc b/src/wx/config_dialog.cc index 514a6cde6..c5879d3bb 100644 --- a/src/wx/config_dialog.cc +++ b/src/wx/config_dialog.cc @@ -583,6 +583,7 @@ CertificateChainEditor::remake_certificates () _set ( make_shared ( openssl_path (), + CERTIFICATE_VALIDITY_PERIOD, d->organisation (), d->organisational_unit (), d->root_common_name (), diff --git a/test/import_dcp_test.cc b/test/import_dcp_test.cc index 46deea539..cfac511b3 100644 --- a/test/import_dcp_test.cc +++ b/test/import_dcp_test.cc @@ -72,9 +72,8 @@ BOOST_AUTO_TEST_CASE (import_dcp_test) dcp::DCP A_dcp ("build/test/import_dcp_test/" + A->dcp_name()); A_dcp.read (); - Config::instance()->set_decryption_chain (make_shared(openssl_path())); + Config::instance()->set_decryption_chain (make_shared(openssl_path(), CERTIFICATE_VALIDITY_PERIOD)); - /* Dear future-carl: I suck! I thought you wouldn't still be running these tests in 2030! Sorry! */ auto kdm = A->make_kdm ( Config::instance()->decryption_chain()->leaf (), vector(), diff --git a/test/vf_kdm_test.cc b/test/vf_kdm_test.cc index 5248ee798..ff7c07b73 100644 --- a/test/vf_kdm_test.cc +++ b/test/vf_kdm_test.cc @@ -66,7 +66,7 @@ BOOST_AUTO_TEST_CASE (vf_kdm_test) dcp::DCP A_dcp ("build/test/vf_kdm_test_ov/" + A->dcp_name()); A_dcp.read (); - Config::instance()->set_decryption_chain (make_shared(openssl_path())); + Config::instance()->set_decryption_chain (make_shared(openssl_path(), CERTIFICATE_VALIDITY_PERIOD)); auto A_kdm = A->make_kdm ( Config::instance()->decryption_chain()->leaf(), -- 2.30.2