From 9653b1bffea4e96c1eb7c1814e8bed21fea62321 Mon Sep 17 00:00:00 2001
From: Alberto Gonzalez Iniesta <agi@inittab.org>
Date: Wed, 20 Jan 2016 12:01:07 +0100
Subject: Imported Upstream version 2.3.10

---
 src/openvpn/ssl_backend.h | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'src/openvpn/ssl_backend.h')

diff --git a/src/openvpn/ssl_backend.h b/src/openvpn/ssl_backend.h
index 6d47bd0..4b35e51 100644
--- a/src/openvpn/ssl_backend.h
+++ b/src/openvpn/ssl_backend.h
@@ -175,6 +175,15 @@ void tls_ctx_set_options (struct tls_root_ctx *ctx, unsigned int ssl_flags);
  */
 void tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers);
 
+/**
+ * Check our certificate notBefore and notAfter fields, and warn if the cert is
+ * either not yet valid or has expired.  Note that this is a non-fatal error,
+ * since we compare against the system time, which might be incorrect.
+ *
+ * @param ctx		TLS context to get our certificate from.
+ */
+void tls_ctx_check_cert_time (const struct tls_root_ctx *ctx);
+
 /**
  * Load Diffie Hellman Parameters, and load them into the library-specific
  * TLS context.
-- 
cgit v1.2.3