openntpd-openbsd

Source code pulled from OpenBSD for OpenNTPD. The place to contribute to this code is via the OpenBSD CVS tree.

jsing ec351717c5 Perform manual validity checking of the X.509 certificate for constraints. Given that we're getting a constraint so that we can validate time, if our own time is out we can fail the automatic validity checking since it is based on the wallclock. Instead, disable the automatic validity checking and perform manual checks based on the time reported from the server via the HTTP header. Discussed at length with and ok deraadt@	5 years ago
src	Perform manual validity checking of the X.509 certificate for constraints.	5 years ago

jsing ec351717c5 Perform manual validity checking of the X.509 certificate for constraints.

Given that we're getting a constraint so that we can validate time, if our
own time is out we can fail the automatic validity checking since it is
based on the wallclock. Instead, disable the automatic validity checking
and perform manual checks based on the time reported from the server via
the HTTP header.
Discussed at length with and ok deraadt@

5 years ago

src

Perform manual validity checking of the X.509 certificate for constraints.

5 years ago