diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-03-17 17:48:31 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-03-17 17:53:26 +0100 |
| commit | fe279dc234c04712086b810567f5586b2696f79c (patch) | |
| tree | ae0e236186249b19dae21c1238aec8a182e06461 /doc/examples/ex-verify.c | |
| parent | aa9b56ffb468fbe7066062dc46a145cf4898d8cd (diff) | |
| download | gnutls-fe279dc234c04712086b810567f5586b2696f79c.tar.gz | |
Use the flags for expiration instead of getting the time of each certificate.
Diffstat (limited to 'doc/examples/ex-verify.c')
| -rw-r--r-- | doc/examples/ex-verify.c | 30 |
1 files changed, 9 insertions, 21 deletions
diff --git a/doc/examples/ex-verify.c b/doc/examples/ex-verify.c index 9c89d51b73..3daabede4d 100644 --- a/doc/examples/ex-verify.c +++ b/doc/examples/ex-verify.c @@ -103,7 +103,6 @@ verify_cert2 (gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer, { unsigned int output; int ret; - time_t now = time (0); size_t name_size; char name[64]; @@ -139,21 +138,16 @@ verify_cert2 (gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer, fprintf (stderr, ": no issuer was found"); if (output & GNUTLS_CERT_SIGNER_NOT_CA) fprintf (stderr, ": issuer is not a CA"); + if (output & GNUTLS_CERT_NOT_ACTIVATED) + fprintf (stderr, ": not yet activated\n"); + if (output & GNUTLS_CERT_EXPIRED) + fprintf (stderr, ": expired\n"); fprintf (stderr, "\n"); } else fprintf (stderr, "Trusted\n"); - - /* Now check the expiration dates. - */ - if (gnutls_x509_crt_get_activation_time (crt) > now) - fprintf (stderr, "Not yet activated\n"); - - if (gnutls_x509_crt_get_expiration_time (crt) < now) - fprintf (stderr, "Expired\n"); - /* Check if the certificate is revoked. */ ret = gnutls_x509_crt_check_revocation (crt, crl_list, crl_list_size); @@ -174,7 +168,6 @@ verify_last_cert (gnutls_x509_crt_t crt, { unsigned int output; int ret; - time_t now = time (0); size_t name_size; char name[64]; @@ -202,21 +195,16 @@ verify_last_cert (gnutls_x509_crt_t crt, if (output & GNUTLS_CERT_SIGNER_NOT_CA) fprintf (stderr, ": Issuer is not a CA\n"); - else - fprintf (stderr, "\n"); + if (output & GNUTLS_CERT_NOT_ACTIVATED) + fprintf (stderr, ": Not yet activated\n"); + if (output & GNUTLS_CERT_EXPIRED) + fprintf (stderr, ": Expired\n"); + fprintf (stderr, "\n"); } else fprintf (stderr, "Trusted\n"); - /* Now check the expiration dates. - */ - if (gnutls_x509_crt_get_activation_time (crt) > now) - fprintf (stderr, "Not yet activated\n"); - - if (gnutls_x509_crt_get_expiration_time (crt) < now) - fprintf (stderr, "Expired\n"); - /* Check if the certificate is revoked. */ ret = gnutls_x509_crt_check_revocation (crt, crl_list, crl_list_size); |