From b2c9049af20b12f2fde08f4af0a35968404effdb Mon Sep 17 00:00:00 2001
From: Christoph Biedl <ngircd.anoy@manchmal.in-ulm.de>
Date: Sun, 31 Mar 2024 00:36:53 +0100
Subject: [PATCH] S2S-SSL/GnuTLS: Enable CRL verification

---
 src/ngircd/conn-ssl.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c
index ea0e3d1b..13b79953 100644
--- a/src/ngircd/conn-ssl.c
+++ b/src/ngircd/conn-ssl.c
@@ -518,6 +518,7 @@ ConnSSL_LoadServerKey_gnutls(void)
 		return false;
 
 	gnutls_certificate_set_dh_params(x509_cred, dh_params);
+	gnutls_certificate_set_flags(x509_cred, GNUTLS_CERTIFICATE_VERIFY_CRLS);
 
 	cert_file = Conf_SSLOptions.CertFile ?
 			Conf_SSLOptions.CertFile : Conf_SSLOptions.KeyFile;
-- 
2.39.2