delete expired certificates

author ThomasV <thomasv@gitorious>

Wed, 2 Oct 2013 08:36:29 +0000 (10:36 +0200)

committer ThomasV <thomasv@gitorious>

Wed, 2 Oct 2013 08:36:29 +0000 (10:36 +0200)
author ThomasV <thomasv@gitorious>
Wed, 2 Oct 2013 08:36:29 +0000 (10:36 +0200)
committer ThomasV <thomasv@gitorious>
Wed, 2 Oct 2013 08:36:29 +0000 (10:36 +0200)
diff --git a/lib/interface.py b/lib/interface.py

index 2f687fb..91bcf91 100644 (file)
--- a/lib/interface.py
+++ b/lib/interface.py
@@ -339,8 +339,18 @@ class Interface(threading.Thread):
             except ssl.SSLError, e:
                 print_error("SSL error:", self.host, e)
                 if is_new:
-                    check_cert(self.host, cert)
                     os.rename(temporary_path, cert_path + '.rej')
+                else:
+                    from OpenSSL import crypto as c
+                    with open(cert_path) as f:
+                        cert = f.read()
+                    _cert = c.load_certificate(c.FILETYPE_PEM, cert)
+                    if _cert.has_expired():
+                        print_error("certificate has expired:", cert_path)
+                        os.unlink(cert_path)
+                    else:
+                        print_msg("wrong certificate", self.host)
+
                 return
             except:
                 print_error("wrap_socket failed", self.host)
author	ThomasV <thomasv@gitorious>
	Wed, 2 Oct 2013 08:36:29 +0000 (10:36 +0200)
committer	ThomasV <thomasv@gitorious>
	Wed, 2 Oct 2013 08:36:29 +0000 (10:36 +0200)