From edb8fce8719efb0d887c72495e540d60a3bf4ed7 Mon Sep 17 00:00:00 2001
From: Christoph Biedl <ngircd.anoy@manchmal.in-ulm.de>
Date: Sun, 31 Mar 2024 00:36:53 +0100
Subject: [PATCH] S2S-SSL/GnuTLS: Enable CRL verification

(cherry picked from commit b2c9049af20b12f2fde08f4af0a35968404effdb)
---
 src/ngircd/conn-ssl.c | 2 ++
 1 file changed, 2 insertions(+)

--- a/src/ngircd/conn-ssl.c
+++ b/src/ngircd/conn-ssl.c
@@ -486,6 +486,8 @@
 		return false;
 
 	gnutls_certificate_set_dh_params(x509_cred, dh_params);
+	gnutls_certificate_set_flags(x509_cred, GNUTLS_CERTIFICATE_VERIFY_CRLS);
+
 	err = gnutls_certificate_set_x509_key_file(x509_cred, cert_file, Conf_SSLOptions.KeyFile, GNUTLS_X509_FMT_PEM);
 	if (err < 0) {
 		Log(LOG_ERR,