Add InsecureSkipTimeVerify (#174)

* add `InsecureSkipTimeVerify` * fix the cache verification when `InsecureServerNameToVerify` set * better description of `InsecureSkipTimeVerify` Co-authored-by: Gaukas Wang <i@gauk.as> * minimize the change made + wrap the modified section * fix: use tab replace space indentation --------- Co-authored-by: Gaukas Wang <i@gauk.as>
2025-04-03 20:17:36 +03:00 · 2023-03-13 00:58:57 +08:00 · 2023-03-13 00:58:57 +08:00 · 17e2929ff7
commit 17e2929ff7
parent dae72adb81
3 changed files with 31 additions and 7 deletions
--- a/common.go
+++ b/common.go
@ -656,6 +656,13 @@ type Config struct {
 	// testing or in combination with VerifyConnection or VerifyPeerCertificate.
 	InsecureSkipVerify bool

+	// InsecureSkipTimeVerify controls whether a client verifies the server's
+	// certificate chain against time. If InsecureSkipTimeVerify is true, 
+	// crypto/tls accepts the certificate even when it is expired. 
+	//
+	// This field is ignored when InsecureSkipVerify is true.
+	InsecureSkipTimeVerify bool // [uTLS]
+
 	// InsecureServerNameToVerify is used to verify the hostname on the returned
 	// certificates. It is intended to use with spoofed ServerName.
 	// If InsecureServerNameToVerify is "*", crypto/tls will do normal
@ -821,6 +828,7 @@ func (c *Config) Clone() *Config {
 		ClientAuth:                  c.ClientAuth,
 		ClientCAs:                   c.ClientCAs,
 		InsecureSkipVerify:          c.InsecureSkipVerify,
+		InsecureSkipTimeVerify:      c.InsecureSkipTimeVerify,
 		InsecureServerNameToVerify:  c.InsecureServerNameToVerify,
 		CipherSuites:                c.CipherSuites,
 		PreferServerCipherSuites:    c.PreferServerCipherSuites,