[En-Nut-Discussion] [PATCH 1/2] FIX: accept certificate without expiration date
Uwe Bonnes
bon at elektron.ikp.physik.tu-darmstadt.de
Mon Apr 24 13:08:58 CEST 2017
>>>>> "Krzysztof" == Krzysztof Sawicki <krzysztof.sawicki at mlabs.pl> writes:
Krzysztof> --- nut/tls/x509.c | 2 +- 1 file changed, 1 insertion(+), 1
Krzysztof> deletion(-)
Krzysztof> diff --git a/nut/tls/x509.c b/nut/tls/x509.c index
Krzysztof> 2b483c7..310d26b 100644 --- a/nut/tls/x509.c +++
Krzysztof> b/nut/tls/x509.c @@ -385,7 +385,7 @@ int x509_verify(const
Krzysztof> CA_CERT_CTX *ca_cert_ctx, const X509_CTX *cert) } /* check
Krzysztof> the not after date */ - if (tv.tv_sec > cert->not_after) + if
Krzysztof> ((cert->not_after != -1) && (tv.tv_sec > cert->not_after)) {
Krzysztof> ret = X509_VFY_ERROR_EXPIRED; goto end_verify; -- 2.7.4
Dear Krzysztof,
can you give some reference that a certificate without expiration date is
valid?
--
Uwe Bonnes bon at elektron.ikp.physik.tu-darmstadt.de
Institut fuer Kernphysik Schlossgartenstrasse 9 64289 Darmstadt
--------- Tel. 06151 1623569 ------- Fax. 06151 1623305 ---------
More information about the En-Nut-Discussion
mailing list