Commit 5fccf603 authored Jun 05, 2020 by Kevin J. McCarthy

Abort GnuTLS certificate check if a cert in the chain is rejected.

GnuTLS is not checking dates because we disabled that in
tls_negotiate().

So if we don't do this, rejecting an expired intermediate cert will
have no effect.  Certstat won't contain an expiration error, and
tls_check_preauth() will only look at each subsequent cert in the
chain's dates.

parent bb0e6277

Show whitespace changes

Inline Side-by-side

Kevin J. McCarthy @kevin8t8
mentioned in issue #245 (closed)
· Jun 07, 2020

mentioned in issue #245 (closed)

mentioned in issue #245

Toggle commit list
Kevin J. McCarthy @kevin8t8
mentioned in commit neomutt/neomutt@c9c5b86e
· Jun 19, 2020

mentioned in commit neomutt/neomutt@c9c5b86e

mentioned in commit neomutt/neomutt@c9c5b86e9fdf0d1d1413612f20858b2eeec1c531

Toggle commit list

Please register or to comment