diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-12-23 20:20:58 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-12-26 07:46:43 +0100 |
commit | 49d27a55031e72ade52984f5cd94e82e97b46228 (patch) | |
tree | 373f1d010011a93d7f246e79ce3de996d45d256a /NEWS | |
parent | 58a45b8c2fbf2f0ff22e1c7c7762d0cb00855df9 (diff) | |
download | gnutls-49d27a55031e72ade52984f5cd94e82e97b46228.tar.gz |
x509: do not tolerate invalid DER time
This effectively reverts !400 and ensures that we no longer tolerate
invalid DER time. This complements the previous commit by Lili Quan
and ensures we provide the --disable-strict-der-time backwards compatibility
option.
Resolves: #207
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -10,7 +10,10 @@ See the end for copying conditions. ** libgnutls: Introduced the gnutls_ocsp_req_const_t which is compatible with gnutls_ocsp_req_t but const. -** libgnutls: Reject certificates with invalid characters in Time fields (#870). +** libgnutls: Reject certificates with invalid time fields. That is we reject + certificates with invalid characters in Time fields, or invalid time formatting + To continue accepting the invalid form compile with --disable-strict-der-time + (#207, #870). ** libgnutls: Added support for GOST CNT_IMIT ciphersuite (as defined by draft-smyshlyaev-tls12-gost-suites-06). |