Reject certs and CRLs from the future

commit: 9533765b252ed3f86adba4152c8900a86933ce96 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Mar 10 13:15:18 2014 +0100
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Mar 13 19:25:06 2014 +0100
tree: bb8bac3cd453efba408a74eeeb651b9eb36952fb
parent: 6304f786e05bb57a63f9905e504376686a017357 [diff]
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index 1520a7c..008e795 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h

@@ -78,6 +78,8 @@
 #define BADCERT_MISSING             0x40  /**< Certificate was missing. */
 #define BADCERT_SKIP_VERIFY         0x80  /**< Certificate verification was skipped. */
 #define BADCERT_OTHER             0x0100  /**< Other reason (can be used by verify callback) */
+#define BADCERT_FUTURE            0x0200  /**< The certificate validity starts in the future. */
+#define BADCRL_FUTURE             0x0400  /**< The CRL is from the future */
 /* \} name */
 /* \} addtogroup x509_module */
commit	9533765b252ed3f86adba4152c8900a86933ce96	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Mon Mar 10 13:15:18 2014 +0100
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Thu Mar 13 19:25:06 2014 +0100
tree	bb8bac3cd453efba408a74eeeb651b9eb36952fb
parent	6304f786e05bb57a63f9905e504376686a017357 [diff]