diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_ac.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index 7ce2800c2..878406a71 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -804,7 +804,19 @@ static bool get_validity(private_x509_ac_t *this, time_t *when, { *not_after = this->notAfter; } - return (t >= this->notBefore && t <= this->notAfter); + if (t < this->notBefore) + { + DBG1("attribute certificate is not valid before %T", + this->notBefore, TRUE); + return FALSE; + } + if (t > this->notAfter) + { + DBG1("attribute certificate expired on %T", + this->notAfter, TRUE); + return FALSE; + } + return TRUE; } /** |