diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-10-02 20:14:09 +0200 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-10-02 20:14:09 +0200 |
| commit | ec0abe4ab567b76ef3c7ef26bdf761753bb3a87f (patch) | |
| tree | 3c22d670ba0b8ef121cb48ebfe148651be0af808 /src | |
| parent | daaedcb9c28291fb911716b19dd4364ca1a847bd (diff) | |
| download | strongswan-ec0abe4ab567b76ef3c7ef26bdf761753bb3a87f.tar.bz2 strongswan-ec0abe4ab567b76ef3c7ef26bdf761753bb3a87f.tar.xz | |
added some notBefore/notAfter debugging info
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_ac.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index 7ce2800c2..878406a71 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -804,7 +804,19 @@ static bool get_validity(private_x509_ac_t *this, time_t *when, { *not_after = this->notAfter; } - return (t >= this->notBefore && t <= this->notAfter); + if (t < this->notBefore) + { + DBG1("attribute certificate is not valid before %T", + this->notBefore, TRUE); + return FALSE; + } + if (t > this->notAfter) + { + DBG1("attribute certificate expired on %T", + this->notAfter, TRUE); + return FALSE; + } + return TRUE; } /** |