diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/pluto/ocsp.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/pluto/ocsp.c b/src/pluto/ocsp.c index d1533cc5a..b1f558ebf 100644 --- a/src/pluto/ocsp.c +++ b/src/pluto/ocsp.c @@ -998,6 +998,7 @@ static bool valid_ocsp_response(response_t *res) identification_t *subject = certificate->get_subject(certificate); identification_t *issuer = certificate->get_issuer(certificate); chunk_t authKeyID = x509->get_authKeyIdentifier(x509); + time_t not_before, not_after; DBG(DBG_CONTROL, DBG_log("subject: '%Y'", subject); @@ -1008,8 +1009,11 @@ static bool valid_ocsp_response(response_t *res) } ) - if (!certificate->get_validity(certificate, NULL, NULL, NULL)) + if (!certificate->get_validity(certificate, NULL, ¬_before, ¬_after)) { + plog("certificate is invalid (valid from %T to %T)", + ¬_before, FALSE, ¬_after, FALSE); + unlock_authcert_list("valid_ocsp_response"); return FALSE; } |