From: Nikos Mavrogiannopoulos Date: Thu, 9 Oct 2014 10:28:34 +0000 (+0200) Subject: _gnutls_check_valid_key_id: corrected activation/expiration check X-Git-Tag: gnutls_3_4_0~808 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ceb3dc6a4969fd7903460e89d57f0c93aa2d5071;p=thirdparty%2Fgnutls.git _gnutls_check_valid_key_id: corrected activation/expiration check --- diff --git a/lib/x509/common.c b/lib/x509/common.c index 9ff1c0ff4f..dc240046ea 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c @@ -1959,7 +1959,7 @@ _gnutls_check_valid_key_id(gnutls_datum_t *key_id, size_t id_size; bool result = 0; - if (now > gnutls_x509_crt_get_expiration_time(cert) && + if (now > gnutls_x509_crt_get_expiration_time(cert) || now < gnutls_x509_crt_get_activation_time(cert)) { /* don't bother, certificate is not yet activated or expired */ gnutls_assert();