GnuTLS: do not bother checking certificate dates

Newer GnuTLS versions do it internally and in a more correct fashion.

GnuTLS: do not bother checking certificate dates
Newer GnuTLS versions do it internally and in a more correct fashion.
7a379ad9 · Rémi Denis-Courmont · 44db6102 · 7a379ad9 · 7a379ad9
Commit 7a379ad9 authored May 04, 2012 by Rémi Denis-Courmont
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 17 deletions

configure.ac configure.ac +1 -1

modules/misc/gnutls.c modules/misc/gnutls.c +0 -16

No files found.
--- a/configure.ac
+++ b/configure.ac
@@ -3985,7 +3985,7 @@ AS_IF([test "${have_libgcrypt}" != "yes"], [
  enable_gnutls="no"
 ])
 AS_IF([test "${enable_gnutls}" != "no"], [
-  PKG_CHECK_MODULES(GNUTLS, [gnutls >= 2.8.0], [
+  PKG_CHECK_MODULES(GNUTLS, [gnutls >= 2.6.6], [
    VLC_ADD_PLUGIN([gnutls])
  ], [
    AS_IF([test -n "${enable_gnutls}"], [

--- a/modules/misc/gnutls.c
+++ b/modules/misc/gnutls.c
@@ -27,7 +27,6 @@
 #endif

 #include <errno.h>
-#include <time.h>
 #include <sys/types.h>
 #include <errno.h>

@@ -349,21 +348,6 @@ static int gnutls_HandshakeAndValidate (vlc_tls_t *session)
        goto error;
    }

-    time_t now;
-    time (&now);
-
-    if (gnutls_x509_crt_get_expiration_time (cert) < now)
-    {
-        msg_Err (session, "Certificate expired");
-        goto error;
-    }
-
-    if (gnutls_x509_crt_get_activation_time (cert) > now)
-    {
-        msg_Err( session, "Certificate not yet valid" );
-        goto error;
-    }
-
    gnutls_x509_crt_deinit (cert);
    msg_Dbg (session, "TLS/x509 certificate verified");
    return 0;