mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-24 06:48:05 +01:00
Code Issues Projects Releases Wiki Activity

fix a bug in handling clock skew

Browse source 
svn:r785
This commit is contained in:
Roger Dingledine 2003-11-11 04:08:30 +00:00
parent 7bde42676b
commit 3d19a9b514
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/common/tortls.c
View file

@ -518,12 +518,12 @@ tor_tls_verify(tor_tls *tls)
return NULL;
now = time(NULL);
t = now - CERT_ALLOW_SKEW;
t = now + CERT_ALLOW_SKEW;
if (X509_cmp_time(X509_get_notBefore(cert), &t) > 0) {
log_fn(LOG_WARN,"Certificate becomes valid in the future: possible clock skew.");
goto done;
}
t = now + CERT_ALLOW_SKEW;
t = now - CERT_ALLOW_SKEW;
if (X509_cmp_time(X509_get_notAfter(cert), &t) < 0) {
log_fn(LOG_WARN,"Certificate already expired; possible clock skew.");
goto done;