sashakoshka/go-gemini
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't check if certificate is expired

Browse Source
This commit is contained in:
Adnan Maolood 2020-11-05 18:35:25 -05:00
parent 520d0a7fb1
commit a5712c7705
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
client.go
View File

@ -214,9 +214,9 @@ func (c *Client) verifyConnection(req *Request, cs tls.ConnectionState) error {
return nil return nil
} }
// Check the known hosts // Check the known hosts
// No need to check if it is expired as tls already does that
knownHost, ok := c.KnownHosts.Lookup(hostname) knownHost, ok := c.KnownHosts.Lookup(hostname)
if ok && time.Now().After(cert.NotAfter) { if ok {
// Not expired
fingerprint := NewFingerprint(cert) fingerprint := NewFingerprint(cert)
if knownHost.Hex != fingerprint.Hex { if knownHost.Hex != fingerprint.Hex {
return errors.New("gemini: fingerprint does not match") return errors.New("gemini: fingerprint does not match")