98fdbbc1be19a24a52eff4cb373aa473178eba79
[openwrt.git] / package / wpa_supplicant / patches / 100-timestamp_check.patch
1 --- a/src/tls/x509v3.c
2 +++ b/src/tls/x509v3.c
3 @@ -1591,8 +1591,11 @@ int x509_certificate_chain_validate(stru
4                 if (chain_trusted)
5                         continue;
6  
7 -               if ((unsigned long) now.sec <
8 +               if (
9 +#ifndef NO_TIMESTAMP_CHECK
10 +                   (unsigned long) now.sec <
11                     (unsigned long) cert->not_before ||
12 +#endif
13                     (unsigned long) now.sec >
14                     (unsigned long) cert->not_after) {
15                         wpa_printf(MSG_INFO, "X509: Certificate not valid "