warn if loaded local certificate is invalid

Andreas Steffen 2010-02-01 12:29:32 +01:00
parent 909c0c3d63
commit bf1e0df7c5
1 changed files with 5 additions and 3 deletions


@ -765,7 +765,7 @@ static void unshare_connection_strings(connection_t *c)
static void load_end_certificate(char *filename, struct end *dst)
{
time_t valid_until;
time_t notBefore, notAfter;
cert_t *cert = NULL;
certificate_t *certificate;
bool cached_cert = FALSE;
@ -810,15 +810,17 @@ static void load_end_certificate(char *filename, struct end *dst)
}
else
{
if (!certificate->get_validity(certificate, NULL, NULL, &valid_until))
if (!certificate->get_validity(certificate, NULL, &notBefore, &notAfter))
{
plog("certificate is invalid (valid from %T to %T)",
&notBefore, FALSE, &notAfter, FALSE);
cert_free(cert);
return;
}
DBG(DBG_CONTROL,
DBG_log("certificate is valid")
)
add_public_key_from_cert(cert, valid_until, DAL_LOCAL);
add_public_key_from_cert(cert, notAfter, DAL_LOCAL);
dst->cert = cert_add(cert);
}
certificate = dst->cert->cert;
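Review bot: The new `plog` call in the failure branch reports the validity window but not which certificate was rejected, and no visible line logs `filename` before the early `return`. If the elided part of load_end_certificate does not already name the file, consider `plog("certificate '%s' is invalid (valid from %T to %T)", filename, &notBefore, FALSE, &notAfter, FALSE);` so an operator can tell which local certificate expired or is not yet valid. This branch still runs `cert_free(cert); return;`, so despite the commit title the certificate is rejected rather than loaded with a warning, and `dst->cert` is not assigned on this path in the visible lines. A short comment above the `get_validity` call, such as `/* reject a local certificate outside its validity period; a NULL time argument presumably means "now" */`, would make that explicit. The function body begins in the first hunk and continues past the end of the second, so this is based only on the lines shown.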