From 1b1dc94c49368b7d7060244fde2bef31cc70d480 Mon Sep 17 00:00:00 2001 From: Jaakko Keränen Date: Fri, 16 Jul 2021 22:46:30 +0300 Subject: Allow override for certificate expiry The user is able to ignore certificate expiry and continue loading the page regardless. This adds a one hour exception to the expiration date. --- src/gmrequest.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'src/gmrequest.c') diff --git a/src/gmrequest.c b/src/gmrequest.c index 9b640cee..44ef063f 100644 --- a/src/gmrequest.c +++ b/src/gmrequest.c @@ -290,8 +290,14 @@ static void requestFinished_GmRequest_(iGmRequest *d, iTlsRequest *req) { : finished_GmRequestState); if (d->state == failure_GmRequestState) { if (!isVerified_TlsRequest(req)) { - d->resp->statusCode = tlsServerCertificateNotVerified_GmStatusCode; - setCStr_String(&d->resp->meta, "Server certificate could not be verified"); + if (isExpired_TlsCertificate(serverCertificate_TlsRequest(req))) { + d->resp->statusCode = tlsServerCertificateExpired_GmStatusCode; + setCStr_String(&d->resp->meta, "Server certificate has expired"); + } + else { + d->resp->statusCode = tlsServerCertificateNotVerified_GmStatusCode; + setCStr_String(&d->resp->meta, "Server certificate could not be verified"); + } } else { d->resp->statusCode = tlsFailure_GmStatusCode; -- cgit v1.2.3