summaryrefslogtreecommitdiff
path: root/src/leap/keymanager/validation.py
diff options
context:
space:
mode:
authordrebs <drebs@leap.se>2014-11-10 16:18:17 -0200
committerdrebs <drebs@leap.se>2014-11-10 16:18:17 -0200
commit27776fbab6fe963082a882dfb5232c54b0195d5f (patch)
tree51780a96c6df649ce0245ce4c63a5fe9a530649b /src/leap/keymanager/validation.py
parenta5cf287dabc77b7172c2f058696cee1024ea3297 (diff)
parentc223cca848e854d0015314ef517a6a4f928a2d0a (diff)
Merge remote-tracking branch 'meskio/feature/6210_key_newer' into develop
Diffstat (limited to 'src/leap/keymanager/validation.py')
-rw-r--r--src/leap/keymanager/validation.py10
1 files changed, 4 insertions, 6 deletions
diff --git a/src/leap/keymanager/validation.py b/src/leap/keymanager/validation.py
index 6dceb787..cf5b4a83 100644
--- a/src/leap/keymanager/validation.py
+++ b/src/leap/keymanager/validation.py
@@ -73,7 +73,6 @@ def can_upgrade(new_key, old_key):
# An update of the same key
if new_key.fingerprint == old_key.fingerprint:
- # XXX wich one is newer? is that a downgrade attack? (#6210)
return True
# Manually verified fingerprint
@@ -81,11 +80,10 @@ def can_upgrade(new_key, old_key):
return True
# Expired key and higher validation level
- if old_key.expiry_date:
- old_expiry_date = datetime.fromtimestamp(int(old_key.expiry_date))
- if (old_expiry_date < datetime.now() and
- new_key.validation >= old_key.validation):
- return True
+ if (old_key.expiry_date is not None and
+ old_key.expiry_date < datetime.now() and
+ new_key.validation >= old_key.validation):
+ return True
# No expiration date and higher validation level
elif new_key.validation >= old_key.validation: