mirror of
https://github.com/matrix-construct/construct
synced 2024-11-29 02:02:38 +01:00
ircd::net: Add open() option to allow expired certificates.
This commit is contained in:
parent
9ddf83c73c
commit
0dc8593b9c
2 changed files with 10 additions and 0 deletions
|
@ -92,6 +92,9 @@ struct ircd::net::open_opts
|
||||||
/// Option to toggle whether to allow self-signed certificate authorities
|
/// Option to toggle whether to allow self-signed certificate authorities
|
||||||
/// in the chain. This is what corporate network nanny's may use to spy.
|
/// in the chain. This is what corporate network nanny's may use to spy.
|
||||||
bool allow_self_chain { false };
|
bool allow_self_chain { false };
|
||||||
|
|
||||||
|
/// Option to allow expired certificates.
|
||||||
|
bool allow_expired { false };
|
||||||
};
|
};
|
||||||
|
|
||||||
/// Constructor intended to provide implicit conversions (no-brackets required)
|
/// Constructor intended to provide implicit conversions (no-brackets required)
|
||||||
|
|
|
@ -1884,6 +1884,13 @@ noexcept try
|
||||||
|
|
||||||
reject();
|
reject();
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case X509_V_ERR_CERT_HAS_EXPIRED:
|
||||||
|
if(opts.allow_expired)
|
||||||
|
return true;
|
||||||
|
|
||||||
|
reject();
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
const bool verify_common_name
|
const bool verify_common_name
|
||||||
|
|
Loading…
Reference in a new issue