remove LastUpdate time checks from Crl's when verifying certificates.

author: relyea%netscape.com <devnull@localhost> 2002-02-27 18:56:24 +0000
committer: relyea%netscape.com <devnull@localhost> 2002-02-27 18:56:24 +0000
commit: c483e5f43bf6fd5d79dcd64821654ebec0ebf761 (patch)
tree: d10de485c2a82f45db61f419e92ddf47147c162b
parent: b758fd836a6579016077823e0a6cf152803e8757 (diff)
download: nss-hg-c483e5f43bf6fd5d79dcd64821654ebec0ebf761.tar.gz
1 files changed, 0 insertions, 10 deletions
diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c
index 42d6d86ee..250749301 100644
--- a/security/nss/lib/certhigh/certvfy.c
+++ b/security/nss/lib/certhigh/certvfy.c
@@ -287,16 +287,6 @@ SEC_CheckCRL(CERTCertDBHandle *handle,CERTCertificate *cert,
     	goto done;
     }
 
-    /* Verify the date validity of the KRL */
-    validity = SEC_CheckCrlTimes(&crl->crl,t);
-    if (validity == secCertTimeExpired) {
-	PORT_SetError(SEC_ERROR_CRL_EXPIRED);
-        rv = SECWouldBlock; /* Soft error, ask the user */
-    } else if (validity == secCertTimeNotValidYet) {
-	PORT_SetError(SEC_ERROR_CRL_NOT_YET_VALID);
-	rv = SECWouldBlock; /* Soft error, ask the user */
-    }
-
     /* now make sure the key is not on the revocation list */
     for (crlEntry = crl->crl.entries; crlEntry && *crlEntry; crlEntry++) {
 	if (SECITEM_CompareItem(&(*crlEntry)->serialNumber,&cert->serialNumber) == SECEqual) {
author	relyea%netscape.com <devnull@localhost>	2002-02-27 18:56:24 +0000
committer	relyea%netscape.com <devnull@localhost>	2002-02-27 18:56:24 +0000
commit	c483e5f43bf6fd5d79dcd64821654ebec0ebf761 (patch)
tree	d10de485c2a82f45db61f419e92ddf47147c162b
parent	b758fd836a6579016077823e0a6cf152803e8757 (diff)
download	nss-hg-c483e5f43bf6fd5d79dcd64821654ebec0ebf761.tar.gz