From 47222024a24f306b9e8693f2cf655ffe2a76a9d2 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Fri, 17 Feb 2017 15:14:38 +0100 Subject: Introduced GNUTLS_E_CERTIFICATE_TIME_ERROR error code This error code indicates an issue in the time fields of certificate. Signed-off-by: Nikos Mavrogiannopoulos --- lib/errors.c | 2 ++ lib/includes/gnutls/gnutls.h.in | 1 + lib/x509/x509.c | 2 +- 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/errors.c b/lib/errors.c index e17ce86557..7dd7e149ee 100644 --- a/lib/errors.c +++ b/lib/errors.c @@ -158,6 +158,8 @@ static const gnutls_error_entry error_entries[] = { GNUTLS_E_RECORD_LIMIT_REACHED), ERROR_ENTRY(N_("Error in the certificate."), GNUTLS_E_CERTIFICATE_ERROR), + ERROR_ENTRY(N_("Error in the time fields of certificate."), + GNUTLS_E_CERTIFICATE_TIME_ERROR), ERROR_ENTRY(N_("Error in the certificate verification."), GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR), ERROR_ENTRY(N_("Error in the private key verification; seed doesn't match."), diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index a550cdd004..2b240727d2 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -2838,6 +2838,7 @@ unsigned gnutls_fips140_mode_enabled(void); #define GNUTLS_E_NO_EMBEDDED_DATA -413 #define GNUTLS_E_INVALID_UTF8_EMAIL -414 #define GNUTLS_E_INVALID_PASSWORD_STRING -415 +#define GNUTLS_E_CERTIFICATE_TIME_ERROR -416 #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 diff --git a/lib/x509/x509.c b/lib/x509/x509.c index a96e23c770..9b97137e20 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -455,7 +455,7 @@ int _gnutls_check_cert_sanity(gnutls_x509_crt_t cert) gnutls_x509_crt_get_activation_time(cert) == -1) { gnutls_assert(); _gnutls_debug_log("error: invalid expiration or activation time in certificate\n"); - result = GNUTLS_E_X509_CERTIFICATE_ERROR; + result = GNUTLS_E_CERTIFICATE_TIME_ERROR; goto cleanup; } -- cgit v1.2.1