diff options
| -rw-r--r-- | lib/x509/x509.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/x509/x509.c b/lib/x509/x509.c index 07e8be08c7..a96e23c770 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -451,6 +451,14 @@ int _gnutls_check_cert_sanity(gnutls_x509_crt_t cert) } } + if (gnutls_x509_crt_get_expiration_time(cert) == -1 || + gnutls_x509_crt_get_activation_time(cert) == -1) { + gnutls_assert(); + _gnutls_debug_log("error: invalid expiration or activation time in certificate\n"); + result = GNUTLS_E_X509_CERTIFICATE_ERROR; + goto cleanup; + } + result = 0; cleanup: |