Implement certificate lifetime parameter as required by WebRTC RFC.

webrtc/base/opensslidentity.cc

Index: webrtc/base/opensslidentity.cc
diff --git a/webrtc/base/opensslidentity.cc b/webrtc/base/opensslidentity.cc
index 7185571102d9341d201cfb768c1b280b691f4475..2acef63b89a45ef2b9cad0c8345ef5092fac0659 100644
--- a/webrtc/base/opensslidentity.cc
+++ b/webrtc/base/opensslidentity.cc
@@ -36,12 +36,6 @@ namespace rtc {
 // Random bits for certificate serial number
 static const int SERIAL_RAND_BITS = 64;
 
-// Certificate validity lifetime
-static const int CERTIFICATE_LIFETIME = 60*60*24*30;  // 30 days, arbitrarily
-// Certificate validity window.
-// This is to compensate for slightly incorrect system clocks.
-static const int CERTIFICATE_WINDOW = -60*60*24;
-
 // Generate a key pair. Caller is responsible for freeing the returned object.
 static EVP_PKEY* MakeKey(const KeyParams& key_params) {
   LOG(LS_INFO) << "Making key pair";
@@ -414,13 +408,14 @@ OpenSSLIdentity* OpenSSLIdentity::GenerateInternal(
 }
 
 OpenSSLIdentity* OpenSSLIdentity::Generate(const std::string& common_name,
-                                           const KeyParams& key_params) {
+                                           const KeyParams& key_params,
+                                           time_t certificate_lifetime) {
   SSLIdentityParams params;
   params.key_params = key_params;
   params.common_name = common_name;
   time_t now = time(NULL);
   params.not_before = now + CERTIFICATE_WINDOW;
-  params.not_after = now + CERTIFICATE_LIFETIME;
+  params.not_after = now + certificate_lifetime;
   return GenerateInternal(params);
 }