Allow override for certificate expiry

The user is able to ignore certificate expiry and continue loading the page regardless. This adds a one hour exception to the expiration date.
author: Jaakko Keränen <jaakko.keranen@iki.fi> 2021-07-16 22:46:30 +0300
committer: Jaakko Keränen <jaakko.keranen@iki.fi> 2021-07-16 22:46:30 +0300
commit: 1b1dc94c49368b7d7060244fde2bef31cc70d480 (patch)
tree: bca58bf618418adbc0060a85d289c3b1ebbca636 /src/gmrequest.c
parent: 8fb7695dc1cf4e136806fbd77557ebd644d71801 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/src/gmrequest.c b/src/gmrequest.c
index 9b640cee..44ef063f 100644
--- a/src/gmrequest.c
+++ b/src/gmrequest.c
@@ -290,8 +290,14 @@ static void requestFinished_GmRequest_(iGmRequest *d, iTlsRequest *req) {
                                                                 : finished_GmRequestState);
    if (d->state == failure_GmRequestState) {
        if (!isVerified_TlsRequest(req)) {
-            d->resp->statusCode = tlsServerCertificateNotVerified_GmStatusCode;
+            if (isExpired_TlsCertificate(serverCertificate_TlsRequest(req))) {
-            setCStr_String(&d->resp->meta, "Server certificate could not be verified");
+                d->resp->statusCode = tlsServerCertificateExpired_GmStatusCode;
+                setCStr_String(&d->resp->meta, "Server certificate has expired");
+            }
+            else {
+                d->resp->statusCode = tlsServerCertificateNotVerified_GmStatusCode;
+                setCStr_String(&d->resp->meta, "Server certificate could not be verified");
+            }
        }
        else {
            d->resp->statusCode = tlsFailure_GmStatusCode;
author	Jaakko Keränen <jaakko.keranen@iki.fi>	2021-07-16 22:46:30 +0300
committer	Jaakko Keränen <jaakko.keranen@iki.fi>	2021-07-16 22:46:30 +0300
commit	1b1dc94c49368b7d7060244fde2bef31cc70d480 (patch)
tree	bca58bf618418adbc0060a85d289c3b1ebbca636 /src/gmrequest.c
parent	8fb7695dc1cf4e136806fbd77557ebd644d71801 (diff)