summaryrefslogtreecommitdiff
path: root/src/lib/config.cc
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/config.cc')
-rw-r--r--src/lib/config.cc4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/lib/config.cc b/src/lib/config.cc
index abf0eb42b..371682966 100644
--- a/src/lib/config.cc
+++ b/src/lib/config.cc
@@ -456,6 +456,9 @@ try
if (i.has_utf8_strings()) {
bad = BAD_SIGNER_UTF8_STRINGS;
}
+ if ((i.not_after().year() - i.not_before().year()) > 15) {
+ bad = BAD_SIGNER_VALIDITY_TOO_LONG;
+ }
}
if (!_signer_chain->chain_valid() || !_signer_chain->private_key_valid()) {
@@ -472,6 +475,7 @@ try
switch (*bad) {
case BAD_SIGNER_UTF8_STRINGS:
case BAD_SIGNER_INCONSISTENT:
+ case BAD_SIGNER_VALIDITY_TOO_LONG:
_signer_chain = create_certificate_chain ();
break;
case BAD_DECRYPTION_INCONSISTENT:
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-20 21:55:28 +0000