From 0e84a3939e912f6a384416b3af214fe8d44ff343 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Mon, 14 Sep 2015 16:16:38 +0000 Subject: Provide tls_config_insecure_noverifytime() in order to be able to disable certificate validity checking. ok beck@ --- src/lib/libtls/tls_init.3 | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'src/lib/libtls/tls_init.3') diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3 index feef85dcb6..12a8e4bcf7 100644 --- a/src/lib/libtls/tls_init.3 +++ b/src/lib/libtls/tls_init.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tls_init.3,v 1.47 2015/09/14 15:14:55 schwarze Exp $ +.\" $OpenBSD: tls_init.3,v 1.48 2015/09/14 16:16:38 jsing Exp $ .\" .\" Copyright (c) 2014 Ted Unangst .\" @@ -40,6 +40,7 @@ .Nm tls_config_clear_keys , .Nm tls_config_insecure_noverifycert , .Nm tls_config_insecure_noverifyname , +.Nm tls_config_insecure_noverifytime , .Nm tls_config_verify , .Nm tls_config_verify_client , .Nm tls_config_verify_client_optional , @@ -114,6 +115,8 @@ .Ft "void" .Fn tls_config_insecure_noverifyname "struct tls_config *config" .Ft "void" +.Fn tls_config_insecure_noverifytime "struct tls_config *config" +.Ft "void" .Fn tls_config_verify "struct tls_config *config" .Ft "void" .Fn tls_config_verify_client "struct tls_config *config" @@ -365,6 +368,11 @@ disables server name verification. Be careful when using this option. .Em (Client) .It +.Fn tls_config_insecure_noverifytime +disables validity checking of certificate. +Be careful when using this option. +.Em (Client and server) +.It .Fn tls_config_verify reenables server name and certificate verification. .Em (Client) -- cgit v1.2.3-55-g6feb