From 570f55a0e3eb05380d8ea503d345503e1acc6b4d Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner <douzzer@wolfssl.com>
Date: Thu, 8 Oct 2020 23:26:28 -0500
Subject: [PATCH] wolfSSL_get_ocsp_producedDate*(): gate on
 !defined(NO_ASN_TIME), and in client_test(), gate call to strftime() on
 HAVE_STRFTIME and add fallback code; add HAVE_STRFTIME test to configure.ac.

---
 configure.ac             |  4 ++--
 examples/client/client.c | 16 +++++++++++++---
 src/ssl.c                |  2 +-
 wolfssl/ssl.h            |  2 +-
 4 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/configure.ac b/configure.ac
index 941fb24b3..cd4d95054 100644
--- a/configure.ac
+++ b/configure.ac
@@ -67,8 +67,8 @@ AC_CHECK_SIZEOF([long long])
 AC_CHECK_SIZEOF([long])
 AC_CHECK_SIZEOF([time_t])
 AC_CHECK_TYPES([__uint128_t])
-AC_CHECK_FUNCS([gethostbyname getaddrinfo gettimeofday gmtime_r inet_ntoa memset socket])
-AC_CHECK_HEADERS([arpa/inet.h fcntl.h limits.h netdb.h netinet/in.h stddef.h sys/ioctl.h sys/socket.h sys/time.h errno.h])
+AC_CHECK_FUNCS([gethostbyname getaddrinfo gettimeofday gmtime_r inet_ntoa memset socket strftime])
+AC_CHECK_HEADERS([arpa/inet.h fcntl.h limits.h netdb.h netinet/in.h stddef.h time.h sys/ioctl.h sys/socket.h sys/time.h errno.h])
 AC_CHECK_LIB([network],[socket])
 AC_C_BIGENDIAN
 
diff --git a/examples/client/client.c b/examples/client/client.c
index e5463a04c..f55a44816 100644
--- a/examples/client/client.c
+++ b/examples/client/client.c
@@ -3007,14 +3007,24 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
 
     showPeerEx(ssl, lng_index);
 
-#ifdef HAVE_OCSP
+#if defined(HAVE_OCSP) && !defined(NO_ASN_TIME)
+#ifdef HAVE_STRFTIME
     {
         struct tm tm;
         char date[32];
         ret = wolfSSL_get_ocsp_producedDate_tm(ssl, &tm);
-        if ((ret == 0) && (strftime(date, sizeof date, "%Y-%m-%d %H:%M:%S %z",&tm) > 0))
-            printf("OCSP response timestamp: %s\n",date);
+        if ((ret == 0) && (strftime(date, sizeof date, "%Y-%m-%d %H:%M:%S %z", &tm) > 0))
+            printf("OCSP response timestamp: %s\n", date);
     }
+#else
+    {
+        byte date[MAX_DATE_SIZE];
+        int asn_date_format;
+        ret = wolfSSL_get_ocsp_producedDate(ssl, date, sizeof date, &asn_date_format);
+        if (ret == 0)
+            printf("OCSP response timestamp: %s (ASN.1 type %d)\n", (char *)date, asn_date_format);
+    }
+#endif
 #endif
 
 #ifdef OPENSSL_EXTRA
diff --git a/src/ssl.c b/src/ssl.c
index dcfb92849..55817f477 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -44134,7 +44134,7 @@ int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url)
 #endif /* OCSP */
 #endif /* OPENSSL_ALL || WOLFSSL_NGINX  || WOLFSSL_HAPROXY */
 
-#ifdef HAVE_OCSP
+#if defined(HAVE_OCSP) && !defined(NO_ASN_TIME)
 int wolfSSL_get_ocsp_producedDate(
     WOLFSSL *ssl,
     byte *producedDate,
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index 358875604..7acee6797 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -3735,7 +3735,7 @@ WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data,
 WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void);
 #endif
 
-#ifdef HAVE_OCSP
+#if defined(HAVE_OCSP) && !defined(NO_ASN_TIME)
     WOLFSSL_API int wolfSSL_get_ocsp_producedDate(
         WOLFSSL *ssl,
         byte *producedDate,