diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-11-06 22:36:33 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-11-06 22:37:22 +0100 |
| commit | 40d67276f0b38f5b70a876808cf97f650ec0c80c (patch) | |
| tree | bfa813d4e705c725fe88cb4763c82596eef77902 | |
| parent | 4651a569b1eb36fa7bbe99e861ea26fafe4442f8 (diff) | |
| download | gnutls-40d67276f0b38f5b70a876808cf97f650ec0c80c.tar.gz | |
corrected checks
| -rw-r--r-- | src/certtool.c | 34 |
1 files changed, 7 insertions, 27 deletions
diff --git a/src/certtool.c b/src/certtool.c index ad5a3e9cb3..e1b1f55c29 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -2180,14 +2180,14 @@ print_verification_res (FILE* outfile, unsigned int output) { int comma = 0; - if (output & GNUTLS_CERT_INVALID) + if (output == 0) { - fprintf (outfile, "Not verified"); + fprintf (outfile, "Verified"); comma = 1; } else { - fprintf (outfile, "Verified"); + fprintf (outfile, "Not verified"); comma = 1; } @@ -2223,22 +2223,6 @@ print_verification_res (FILE* outfile, unsigned int output) comma = 1; } - if (output & GNUTLS_CERT_REVOCATION_DATA_TOO_OLD) - { - if (comma) - fprintf (outfile, ", "); - fprintf (outfile, "Newer CRL is available"); - comma = 1; - } - - if (output & GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE) - { - if (comma) - fprintf (outfile, ", "); - fprintf (outfile, "CRL has future date"); - comma = 1; - } - if (output & GNUTLS_CERT_REVOKED) { if (comma) @@ -2303,7 +2287,6 @@ verify_crl (common_info_st * cinfo) int ret; gnutls_datum_t pem; gnutls_x509_crl_t crl; - time_t now = time (0); gnutls_x509_crt_t issuer; issuer = load_ca_cert (cinfo); @@ -2363,23 +2346,20 @@ verify_crl (common_info_st * cinfo) comma = 1; } - /* Check expiration dates. - */ - - if (gnutls_x509_crl_get_this_update (crl) > now) + if (output & GNUTLS_CERT_REVOCATION_DATA_TOO_OLD) { if (comma) fprintf (outfile, ", "); + fprintf (outfile, "CRL is not up to date"); comma = 1; - fprintf (outfile, "Issued in the future!"); } - if (gnutls_x509_crl_get_next_update (crl) < now) + if (output & GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE) { if (comma) fprintf (outfile, ", "); + fprintf (outfile, "Issued in the future!"); comma = 1; - fprintf (outfile, "CRL is not up to date"); } fprintf (outfile, "\n"); |