[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[minion-cvs] When a TLS cert is out of date, notice how badly out of...

Update of /home/minion/cvsroot/src/minion/lib/mixminion
In directory moria.mit.edu:/tmp/cvs-serv17674/src/minion/lib/mixminion

Modified Files:
	MMTPClient.py __init__.py test.py 
Log Message:
When a TLS cert is out of date, notice how badly out of data it is.

Index: MMTPClient.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/lib/mixminion/MMTPClient.py,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -d -r1.56 -r1.57
--- MMTPClient.py	6 Mar 2004 00:04:38 -0000	1.56
+++ MMTPClient.py	13 Apr 2004 04:00:59 -0000	1.57
@@ -24,7 +24,8 @@
 import mixminion.TLSConnection
 from mixminion.Crypto import sha1, getCommonPRNG
 from mixminion.Common import MixProtocolError, MixProtocolReject, \
-     MixProtocolBadAuth, LOG, MixError, formatBase64, TimeoutError
+     MixProtocolBadAuth, LOG, MixError, formatBase64, stringContains, \
+     TimeoutError
 from mixminion.Packet import IPV4Info, MMTPHostInfo
 
 def _noop(*k,**v): pass
@@ -492,8 +493,15 @@
         try:
             tls.check_cert_alive()
         except _ml.TLSError, e:
+            s = str(e)
+            notBefore,notAfter = tls.get_cert_lifetime()
+            # XXXX 'stringContains' is not the best possible check here...
+            if stringContains(s, "expired"):
+                s = "%s [at %s]"%(s,notAfter)
+            elif stringContains(s,"not yet valid"):
+                s = "%s [until %s"%(s,notBefore)
             raise MixProtocolBadAuth("Invalid certificate from %s: %s" % (
-                serverName, str(e)))
+                serverName, s))
 
         # If we don't care whom we're talking to, we don't need to check
         # them out.

Index: __init__.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/lib/mixminion/__init__.py,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -d -r1.57 -r1.58
--- __init__.py	4 Apr 2004 17:58:28 -0000	1.57
+++ __init__.py	13 Apr 2004 04:00:59 -0000	1.58
@@ -7,7 +7,7 @@
    """
 
 # This version string is generated from setup.py; don't edit it.
-__version__ = "0.0.7"
+__version__ = "0.0.8alpha1"
 # This 5-tuple encodes the version number for comparison.  Don't edit it.
 # The first 3 numbers are the version number; the 4th is:
 #          0 for alpha
@@ -18,7 +18,7 @@
 # The 4th or 5th number may be a string.  If so, it is not meant to
 #   succeed or precede any other sub-version with the same a.b.c version
 #   number.
-version_info = (0, 0, 7, 100, -1)
+version_info = (0, 0, 8, 0, 1)
 __all__ = [ 'server', 'directory' ]
 
 def version_tuple_to_string(t):

Index: test.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/lib/mixminion/test.py,v
retrieving revision 1.192
retrieving revision 1.193
diff -u -d -r1.192 -r1.193
--- test.py	23 Mar 2004 00:24:31 -0000	1.192
+++ test.py	13 Apr 2004 04:00:59 -0000	1.193
@@ -7517,8 +7517,8 @@
     loader = unittest.TestLoader()
     tc = loader.loadTestsFromTestCase
 
-    if 0:
-        suite.addTest(tc(MiscTests))
+    if 1:
+        suite.addTest(tc(MMTPTests))
         return suite
     testClasses = [MiscTests,
                    MinionlibCryptoTests,