diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2010-02-01 12:29:32 +0100 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2010-02-01 12:29:32 +0100 |
| commit | bf1e0df7c5bbd3513b0953ddc98add92d35a3178 (patch) | |
| tree | 34c7727550d13685345bf21c9d19b7270d71c95b /src | |
| parent | 909c0c3d63b1719862ddec1b0b718a4798a91cd6 (diff) | |
| download | strongswan-bf1e0df7c5bbd3513b0953ddc98add92d35a3178.tar.bz2 strongswan-bf1e0df7c5bbd3513b0953ddc98add92d35a3178.tar.xz | |
warn if loaded local certificate is invalid
Diffstat (limited to 'src')
| -rw-r--r-- | src/pluto/connections.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/pluto/connections.c b/src/pluto/connections.c index a24f29dd6..fece34eec 100644 --- a/src/pluto/connections.c +++ b/src/pluto/connections.c @@ -765,7 +765,7 @@ static void unshare_connection_strings(connection_t *c) static void load_end_certificate(char *filename, struct end *dst) { - time_t valid_until; + time_t notBefore, notAfter; cert_t *cert = NULL; certificate_t *certificate; bool cached_cert = FALSE; @@ -810,15 +810,17 @@ static void load_end_certificate(char *filename, struct end *dst) } else { - if (!certificate->get_validity(certificate, NULL, NULL, &valid_until)) + if (!certificate->get_validity(certificate, NULL, ¬Before, ¬After)) { + plog("certificate is invalid (valid from %T to %T)", + ¬Before, FALSE, ¬After, FALSE); cert_free(cert); return; } DBG(DBG_CONTROL, DBG_log("certificate is valid") ) - add_public_key_from_cert(cert, valid_until, DAL_LOCAL); + add_public_key_from_cert(cert, notAfter, DAL_LOCAL); dst->cert = cert_add(cert); } certificate = dst->cert->cert; |