ouch/inspircd
2
0
Fork 0
mirror of https://github.com/inspircd/inspircd.git synced 2025-03-11 11:39:02 -04:00
Code Issues Packages Projects Releases Wiki Activity

Dont report that the key has expired when it hasnt

Browse Source 
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@5127 e03df62e-2008-0410-955e-edbf42e46eb7
This commit is contained in:
brain 2006-09-03 20:25:09 +00:00
parent c01b8aab83
commit f0101edab9
1 changed files with 6 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/modules/extra/m_ssl_openssl.cpp
View File

@ -61,6 +61,11 @@ public:
static int OnVerify(int preverify_ok, X509_STORE_CTX *ctx)
{
/* XXX: This will allow self signed certificates.
* In the future if we want an option to not allow this,
* we can just return preverify_ok here, and openssl
* will boot off self-signed and invalid peer certs.
*/
return 1;
}
@ -91,8 +96,6 @@ class ModuleSSLOpenSSL : public Module
ModuleSSLOpenSSL(InspIRCd* Me)
: Module::Module(Me)
{
culllist = new CullList(ServerInstance);
// Not rehashable...because I cba to reduce all the sizes of existing buffers.
@ -717,16 +720,10 @@ class ModuleSSLOpenSSL : public Module
certinfo->data.insert(std::make_pair("fingerprint",irc::hex(md, n)));
}
if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), time(NULL)) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), time(NULL)) == -1))
if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), time(NULL)) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), time(NULL)) == 0))
{
certinfo->data.insert(std::make_pair("error","Not activated, or expired certificate"));
}
/*if (cert->name)
{
certinfo->data.insert(std::make_pair("dn",cert->name));
}*/
}
};