Changeset 5513f3e
- Timestamp:
- 2011-12-24T14:52:35Z (13 years ago)
- Branches:
- master
- Children:
- 96f954d
- Parents:
- 200e151
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
configure
r200e151 r5513f3e 283 283 EOF 284 284 ssl=gnutls 285 if ! pkg-config gnutls --atleast-version=2.8; then 286 echo 287 echo 'Warning: With GnuTLS versions <2.8, certificate expire dates are not verified.' 288 fi 285 289 ret=1 286 290 elif libgnutls-config --version > /dev/null 2> /dev/null; then -
lib/ssl_gnutls.c
r200e151 r5513f3e 166 166 verifyret |= VERIFY_CERT_INSECURE_ALGORITHM; 167 167 168 #ifdef GNUTLS_CERT_NOT_ACTIVATED 169 /* Amusingly, the GnuTLS function used above didn't check for expiry 170 until GnuTLS 2.8 or so. (See CVE-2009-1417) */ 168 171 if( status & GNUTLS_CERT_NOT_ACTIVATED ) 169 172 verifyret |= VERIFY_CERT_NOT_ACTIVATED; … … 171 174 if( status & GNUTLS_CERT_EXPIRED ) 172 175 verifyret |= VERIFY_CERT_EXPIRED; 176 #endif 173 177 174 178 /* The following check is already performed inside
Note: See TracChangeset
for help on using the changeset viewer.