1 files changed, 11 insertions, 6 deletions

diff --git a/src/leap/eip/checks.py b/src/leap/eip/checks.py
index b68ee23a..f739c3e8 100644
--- a/src/leap/eip/checks.py
+++ b/src/leap/eip/checks.py
@@ -155,6 +155,9 @@ class ProviderCertChecker(object):
             # verify=verify
             # Workaround for #638. return to verification
             # when That's done!!!
+
+            # XXX HOOK SRP here...
+            # will have to be more generic in the future.
             req = self.fetcher.get(uri, verify=False)
             req.raise_for_status()
         except requests.exceptions.SSLError:
@@ -180,7 +183,7 @@ class ProviderCertChecker(object):
         valid = exists() and valid_pemfile() and not_expired()
         if not valid:
             if do_raise:
-                raise Exception('missing cert')
+                raise Exception('missing valid cert')
             else:
                 return False
         return True
@@ -196,7 +199,9 @@ class ProviderCertChecker(object):
         with open(certfile) as cf:
             cert_s = cf.read()
         cert = crypto.X509Certificate(cert_s)
-        return cert.activation_time < now() < cert.expiration_time
+        from_ = time.gmtime(cert.activation_time)
+        to_ = time.gmtime(cert.expiration_time)
+        return from_ < now() < to_
 
     def is_valid_pemfile(self, cert_s=None):
         """
@@ -316,7 +321,7 @@ class EIPConfigChecker(object):
         This is catched by ui and runs FirstRunWizard (MVS+)
         """
         if config is None:
-            config = self.eipconfig.get_config()
+            config = self.eipconfig.config
         logger.debug('checking default provider')
         provider = config.get('provider', None)
         if provider is None:
@@ -340,7 +345,7 @@ class EIPConfigChecker(object):
             logger.debug('(fetching def skipped)')
             return True
         if config is None:
-            config = self.defaultprovider.get_config()
+            config = self.defaultprovider.config
         if uri is None:
             domain = config.get('provider', None)
             uri = self._get_provider_definition_uri(domain=domain)
@@ -357,7 +362,7 @@ class EIPConfigChecker(object):
         if skip_download:
             return True
         if config is None:
-            config = self.eipserviceconfig.get_config()
+            config = self.eipserviceconfig.config
         if uri is None:
             domain = config.get('provider', None)
             uri = self._get_eip_service_uri(domain=domain)
@@ -368,7 +373,7 @@ class EIPConfigChecker(object):
     def check_complete_eip_config(self, config=None):
         # TODO check for gateway
         if config is None:
-            config = self.eipconfig.get_config()
+            config = self.eipconfig.config
         try:
             'trying assertions'
             assert 'provider' in config