mbedtls: add error message for cert validity starting in the future

author Bastien Bouclet <bastien.bouclet@gmail.com>

Sat, 2 Nov 2019 13:15:18 +0000 (14:15 +0100)

committer Daniel Stenberg <daniel@haxx.se>

Sat, 2 Nov 2019 21:59:13 +0000 (22:59 +0100)
author Bastien Bouclet <bastien.bouclet@gmail.com>
Sat, 2 Nov 2019 13:15:18 +0000 (14:15 +0100)
committer Daniel Stenberg <daniel@haxx.se>
Sat, 2 Nov 2019 21:59:13 +0000 (22:59 +0100)
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c

index 27898505f1db7d2a5160b6b787cc4296158730f9..e34ec9d13f40ca00526f044dc7dba035b971d555 100644 (file)
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -588,6 +588,9 @@ mbed_connect_step2(struct connectdata *conn,
      else if(ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED)
        failf(data, "Cert verify failed: BADCERT_NOT_TRUSTED");
  
+    else if(ret & MBEDTLS_X509_BADCERT_FUTURE)
+      failf(data, "Cert verify failed: BADCERT_FUTURE");
+
      return CURLE_PEER_FAILED_VERIFICATION;
    }
author	Bastien Bouclet <bastien.bouclet@gmail.com>
	Sat, 2 Nov 2019 13:15:18 +0000 (14:15 +0100)
committer	Daniel Stenberg <daniel@haxx.se>
	Sat, 2 Nov 2019 21:59:13 +0000 (22:59 +0100)