0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2024-11-29 02:02:38 +01:00

ircd::net: Add open() option to allow expired certificates.

This commit is contained in:
Jason Volk 2018-02-10 18:36:23 -08:00
parent 9ddf83c73c
commit 0dc8593b9c
2 changed files with 10 additions and 0 deletions

View file

@ -92,6 +92,9 @@ struct ircd::net::open_opts
/// Option to toggle whether to allow self-signed certificate authorities /// Option to toggle whether to allow self-signed certificate authorities
/// in the chain. This is what corporate network nanny's may use to spy. /// in the chain. This is what corporate network nanny's may use to spy.
bool allow_self_chain { false }; bool allow_self_chain { false };
/// Option to allow expired certificates.
bool allow_expired { false };
}; };
/// Constructor intended to provide implicit conversions (no-brackets required) /// Constructor intended to provide implicit conversions (no-brackets required)

View file

@ -1884,6 +1884,13 @@ noexcept try
reject(); reject();
break; break;
case X509_V_ERR_CERT_HAS_EXPIRED:
if(opts.allow_expired)
return true;
reject();
break;
} }
const bool verify_common_name const bool verify_common_name