fixed wrong cert expiration date check

author: Rainer Gerhards <rgerhards@adiscon.com> 2008-05-26 15:11:00 +0200
committer: Rainer Gerhards <rgerhards@adiscon.com> 2008-05-26 15:11:00 +0200
commit: 7918bbe7fc4c704ef79ebd2fb58871cb3fa8c3f6 (patch)
tree: 0e31fcaa766d3c9f917ebe41ceb6708414441e0c /runtime/nsd_gtls.c
parent: bc5eb93e40534f55b240d33dd605ed3e52bae555 (diff)
download: rsyslog-7918bbe7fc4c704ef79ebd2fb58871cb3fa8c3f6.tar.gz
rsyslog-7918bbe7fc4c704ef79ebd2fb58871cb3fa8c3f6.tar.xz
rsyslog-7918bbe7fc4c704ef79ebd2fb58871cb3fa8c3f6.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c
index 5c82d082..76f37c94 100644
--- a/runtime/nsd_gtls.c
+++ b/runtime/nsd_gtls.c
@@ -828,7 +828,7 @@ gtlsChkPeerCertValidity(nsd_gtls_t *pThis)
 		ttCert = gnutls_x509_crt_get_expiration_time(cert);
 		if(ttCert == -1)
 			ABORT_FINALIZE(RS_RET_TLS_CERT_ERR);
-		else if(ttCert > ttNow) {
+		else if(ttCert < ttNow) {
 			errmsg.LogError(NO_ERRCODE, "not permitted to talk to peer: certificate %d expired", i);
 			gtlsGetCertInfo(pThis, &pStr);
 			errmsg.LogError(NO_ERRCODE, "info on invalid cert: %s", rsCStrGetSzStr(pStr));
author	Rainer Gerhards <rgerhards@adiscon.com>	2008-05-26 15:11:00 +0200
committer	Rainer Gerhards <rgerhards@adiscon.com>	2008-05-26 15:11:00 +0200
commit	7918bbe7fc4c704ef79ebd2fb58871cb3fa8c3f6 (patch)
tree	0e31fcaa766d3c9f917ebe41ceb6708414441e0c /runtime/nsd_gtls.c
parent	bc5eb93e40534f55b240d33dd605ed3e52bae555 (diff)
download	rsyslog-7918bbe7fc4c704ef79ebd2fb58871cb3fa8c3f6.tar.gz rsyslog-7918bbe7fc4c704ef79ebd2fb58871cb3fa8c3f6.tar.xz rsyslog-7918bbe7fc4c704ef79ebd2fb58871cb3fa8c3f6.zip