libgnutls: Check activation/expiration times on untrusted certificates.

Reported by Romain Francoise.
author: Simon Josefsson <simon@josefsson.org> 2009-04-30 12:05:58 +0200
committer: Simon Josefsson <simon@josefsson.org> 2009-04-30 13:15:44 +0200
commit: 72c14e1018e896a2e0adbb6c3a1448f47efcfaeb (patch)
tree: ee0d0746ad246fef756b7f22da6f683eda914ac0 /src
parent: d96404c4b967cabc3f54b9981ae4fca0d3dab444 (diff)
download: gnutls-72c14e1018e896a2e0adbb6c3a1448f47efcfaeb.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/src/common.c b/src/common.c
index c383d7daf2..226fdb750b 100644
--- a/src/common.c
+++ b/src/common.c
@@ -272,6 +272,10 @@ print_cert_vrfy (gnutls_session_t session)
 	printf ("- Peer's certificate issuer is not a CA\n");
       if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
 	printf ("- Peer's certificate chain uses insecure algorithm\n");
+      if (status & GNUTLS_CERT_NOT_ACTIVATED)
+	printf ("- Peer's certificate chain uses not yet valid certificate\n");
+      if (status & GNUTLS_CERT_EXPIRED)
+	printf ("- Peer's certificate chain uses expired certificate\n");
       if (status & GNUTLS_CERT_INVALID)
 	printf ("- Peer's certificate is NOT trusted\n");
       else
author	Simon Josefsson <simon@josefsson.org>	2009-04-30 12:05:58 +0200
committer	Simon Josefsson <simon@josefsson.org>	2009-04-30 13:15:44 +0200
commit	72c14e1018e896a2e0adbb6c3a1448f47efcfaeb (patch)
tree	ee0d0746ad246fef756b7f22da6f683eda914ac0 /src
parent	d96404c4b967cabc3f54b9981ae4fca0d3dab444 (diff)
download	gnutls-72c14e1018e896a2e0adbb6c3a1448f47efcfaeb.tar.gz