From 3ad57cfe2851038a6e7231a428f70ea8985f7b1e Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 5 Oct 2012 11:01:55 +0900 Subject: fix cert needed evaluation --- src/leap/eip/checks.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'src/leap/eip/checks.py') diff --git a/src/leap/eip/checks.py b/src/leap/eip/checks.py index 898af2fe..f79d47f5 100644 --- a/src/leap/eip/checks.py +++ b/src/leap/eip/checks.py @@ -257,7 +257,7 @@ class ProviderCertChecker(object): valid = exists() and valid_pemfile() and not_expired() if not valid: if do_raise: - raise Exception('missing cert') + raise Exception('missing valid cert') else: return False return True @@ -273,7 +273,9 @@ class ProviderCertChecker(object): with open(certfile) as cf: cert_s = cf.read() cert = crypto.X509Certificate(cert_s) - return cert.activation_time < now() < cert.expiration_time + from_ = time.gmtime(cert.activation_time) + to_ = time.gmtime(cert.expiration_time) + return from_ < now() < to_ def is_valid_pemfile(self, cert_s=None): """ -- cgit v1.2.3 From aee621fbe90016f368c74978d47b15eeb656a853 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 5 Oct 2012 19:52:14 +0900 Subject: todo comments --- src/leap/eip/checks.py | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/leap/eip/checks.py') diff --git a/src/leap/eip/checks.py b/src/leap/eip/checks.py index f79d47f5..413a3467 100644 --- a/src/leap/eip/checks.py +++ b/src/leap/eip/checks.py @@ -232,6 +232,9 @@ class ProviderCertChecker(object): # verify=verify # Workaround for #638. return to verification # when That's done!!! + + # XXX HOOK SRP here... + # will have to be more generic in the future. req = self.fetcher.get(uri, verify=False) req.raise_for_status() except requests.exceptions.SSLError: -- cgit v1.2.3