summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/leap/services/eip/providerbootstrapper.py18
1 files changed, 14 insertions, 4 deletions
diff --git a/src/leap/services/eip/providerbootstrapper.py b/src/leap/services/eip/providerbootstrapper.py
index 15609620..0be997b2 100644
--- a/src/leap/services/eip/providerbootstrapper.py
+++ b/src/leap/services/eip/providerbootstrapper.py
@@ -28,7 +28,7 @@ from PySide import QtCore
from leap.common.certs import get_digest
from leap.common.files import check_and_fix_urw_only, get_mtime, mkdir_p
-from leap.common.check import leap_assert, leap_assert_type
+from leap.common.check import leap_assert, leap_assert_type, leap_check
from leap.config.providerconfig import ProviderConfig
from leap.util.request_helpers import get_content
from leap.util.constants import REQUEST_TIMEOUT
@@ -46,6 +46,13 @@ class UnsupportedProviderAPI(Exception):
pass
+class WrongFingerprint(Exception):
+ """
+ Raised when a fingerprint comparison does not match.
+ """
+ pass
+
+
class ProviderBootstrapper(AbstractBootstrapper):
"""
Given a provider URL performs a series of checks and emits signals
@@ -252,7 +259,9 @@ class ProviderBootstrapper(AbstractBootstrapper):
return
parts = self._provider_config.get_ca_cert_fingerprint().split(":")
- leap_assert(len(parts) == 2, "Wrong fingerprint format")
+
+ error_msg = "Wrong fingerprint format"
+ leap_check(len(parts) == 2, error_msg, WrongFingerprint)
method = parts[0].strip()
fingerprint = parts[1].strip()
@@ -262,8 +271,9 @@ class ProviderBootstrapper(AbstractBootstrapper):
leap_assert(len(cert_data) > 0, "Could not read certificate data")
digest = get_digest(cert_data, method)
- leap_assert(digest == fingerprint,
- "Downloaded certificate has a different fingerprint!")
+
+ error_msg = "Downloaded certificate has a different fingerprint!"
+ leap_check(digest == fingerprint, error_msg, WrongFingerprint)
def _check_api_certificate(self, *args):
"""