[En-Nut-Discussion] [PATCH 1/2] FIX: accept certificate without expiration date
Krzysztof Sawicki
krzysztof.sawicki at mlabs.pl
Mon Apr 24 11:02:28 CEST 2017
---
nut/tls/x509.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/nut/tls/x509.c b/nut/tls/x509.c
index 2b483c7..310d26b 100644
--- a/nut/tls/x509.c
+++ b/nut/tls/x509.c
@@ -385,7 +385,7 @@ int x509_verify(const CA_CERT_CTX *ca_cert_ctx, const X509_CTX *cert)
}
/* check the not after date */
- if (tv.tv_sec > cert->not_after)
+ if ((cert->not_after != -1) && (tv.tv_sec > cert->not_after))
{
ret = X509_VFY_ERROR_EXPIRED;
goto end_verify;
--
2.7.4
More information about the En-Nut-Discussion
mailing list