diff options
author | Alberto Gonzalez Iniesta <agi@inittab.org> | 2016-01-20 12:01:07 +0100 |
---|---|---|
committer | Alberto Gonzalez Iniesta <agi@inittab.org> | 2016-01-20 12:01:07 +0100 |
commit | 19eab1fe2df20e38ea64d7a642d3e21c957082b8 (patch) | |
tree | fad602b603321d3e0e45807f8abb4f6c670a6cf2 /src/openvpn/ssl_backend.h | |
parent | 35807e5652390e8b2fd66b9051f3b41c9488302e (diff) | |
parent | 9653b1bffea4e96c1eb7c1814e8bed21fea62321 (diff) |
Merge tag 'upstream/2.3.10'
Upstream version 2.3.10
Diffstat (limited to 'src/openvpn/ssl_backend.h')
-rw-r--r-- | src/openvpn/ssl_backend.h | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/openvpn/ssl_backend.h b/src/openvpn/ssl_backend.h index 6d47bd0..4b35e51 100644 --- a/src/openvpn/ssl_backend.h +++ b/src/openvpn/ssl_backend.h @@ -176,6 +176,15 @@ void tls_ctx_set_options (struct tls_root_ctx *ctx, unsigned int ssl_flags); void tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers); /** + * Check our certificate notBefore and notAfter fields, and warn if the cert is + * either not yet valid or has expired. Note that this is a non-fatal error, + * since we compare against the system time, which might be incorrect. + * + * @param ctx TLS context to get our certificate from. + */ +void tls_ctx_check_cert_time (const struct tls_root_ctx *ctx); + +/** * Load Diffie Hellman Parameters, and load them into the library-specific * TLS context. * |