]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
_gnutls_check_valid_key_id: corrected activation/expiration check
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 9 Oct 2014 10:28:34 +0000 (12:28 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 9 Oct 2014 10:28:34 +0000 (12:28 +0200)
lib/x509/common.c

index 9ff1c0ff4fad3bef6f45b7c7c79c0b5933d54561..dc240046ea33397e74090437cd5c7019b0d0a38f 100644 (file)
@@ -1959,7 +1959,7 @@ _gnutls_check_valid_key_id(gnutls_datum_t *key_id,
        size_t id_size;
        bool result = 0;
 
-       if (now > gnutls_x509_crt_get_expiration_time(cert) &&
+       if (now > gnutls_x509_crt_get_expiration_time(cert) ||
            now < gnutls_x509_crt_get_activation_time(cert)) {
                /* don't bother, certificate is not yet activated or expired */
                gnutls_assert();