aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorGravatar Nokis Mavrogiannopoulos 2009-06-30 18:02:38 +0000
committerGravatar Nokis Mavrogiannopoulos 2009-06-30 18:02:38 +0000
commit3a6321c9117950817d01cba3bd4201334a6ab70a (patch)
treecc5b3e409b00da3b2c836068981629e38143ddb3 /src
parent02615723b973a293c153ff4915f98878f3c7bd00 (diff)
Allow openpgp certificates that have infinite expiration time. Suggestion by MattLoar at http://issues.outoforder.cc/view.php?id=96.
Diffstat (limited to 'src')
-rw-r--r--src/gnutls_hooks.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c
index e671a60..9ac17a0 100644
--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -1109,11 +1109,13 @@ static int mgs_cert_verify(request_rec * r, mgs_handle_t * ctxt)
1109 expired = 1; 1109 expired = 1;
1110 } 1110 }
1111 1111
1112 if (expiration_time < cur_time) { 1112 if (gnutls_certificate_type_get( ctxt->session) != GNUTLS_CRT_OPENPGP || expiration_time != 0) {
1113 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, 1113 if (expiration_time < cur_time) {
1114 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1114 "GnuTLS: Failed to Verify Peer: " 1115 "GnuTLS: Failed to Verify Peer: "
1115 "Peer Certificate is expired."); 1116 "Peer Certificate is expired.");
1116 expired = 1; 1117 expired = 1;
1118 }
1117 } 1119 }
1118 1120
1119 if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) { 1121 if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) {