diff options
Diffstat (limited to 'src/pluto/ocsp.c')
-rw-r--r-- | src/pluto/ocsp.c | 13 |
1 files changed, 3 insertions, 10 deletions
diff --git a/src/pluto/ocsp.c b/src/pluto/ocsp.c index d980e7f14..041df2452 100644 --- a/src/pluto/ocsp.c +++ b/src/pluto/ocsp.c @@ -424,7 +424,7 @@ cert_status_t verify_by_ocsp(const x509cert_t *cert, time_t *until, chunk_t serialNumber = x509->get_serial(x509); cert_status_t status; ocsp_location_t location; - time_t nextUpdate = 0; + time_t nextUpdate; *revocationDate = UNDEFINED_TIME; *revocationReason = CRL_REASON_UNSPECIFIED; @@ -1008,9 +1008,6 @@ static bool valid_ocsp_response(response_t *res) for (pathlen = 0; pathlen < MAX_CA_PATH_LEN; pathlen++) { - err_t ugh = NULL; - time_t until; - x509cert_t *cert = authcert; certificate_t *certificate = cert->cert; x509_t *x509 = (x509_t*)certificate; @@ -1021,21 +1018,17 @@ static bool valid_ocsp_response(response_t *res) DBG(DBG_CONTROL, DBG_log("subject: '%Y'", subject); DBG_log("issuer: '%Y'", issuer); - if (authKeyID.ptr != NULL) + if (authKeyID.ptr) { DBG_log("authkey: %#B", &authKeyID); } ) - ugh = check_validity(authcert, &until); - - if (ugh != NULL) + if (!certificate->get_validity(certificate, NULL, NULL, NULL)) { - plog("%s", ugh); unlock_authcert_list("valid_ocsp_response"); return FALSE; } - DBG(DBG_CONTROL, DBG_log("certificate is valid") ) |