Browse Source

delete only if cert is new

283
ThomasV 11 years ago
parent
commit
c097b9a530
  1. 6
      lib/interface.py

6
lib/interface.py

@ -255,6 +255,7 @@ class Interface(threading.Thread):
cert_path = os.path.join( self.config.get('path'), 'certs', self.host) cert_path = os.path.join( self.config.get('path'), 'certs', self.host)
if not os.path.exists(cert_path): if not os.path.exists(cert_path):
is_new = True
# get server certificate. # get server certificate.
# Do not use ssl.get_server_certificate because it does not work with proxy # Do not use ssl.get_server_certificate because it does not work with proxy
s = socket.socket( socket.AF_INET, socket.SOCK_STREAM ) s = socket.socket( socket.AF_INET, socket.SOCK_STREAM )
@ -284,6 +285,8 @@ class Interface(threading.Thread):
with open(cert_path,"w") as f: with open(cert_path,"w") as f:
print_error("saving certificate for",self.host) print_error("saving certificate for",self.host)
f.write(cert) f.write(cert)
else:
is_new = False
s = socket.socket( socket.AF_INET, socket.SOCK_STREAM ) s = socket.socket( socket.AF_INET, socket.SOCK_STREAM )
@ -305,8 +308,9 @@ class Interface(threading.Thread):
do_handshake_on_connect=True) do_handshake_on_connect=True)
except ssl.SSLError, e: except ssl.SSLError, e:
print_error("SSL error:", self.host, e) print_error("SSL error:", self.host, e)
if e.errno == 1:
# delete the certificate so we will download a new one # delete the certificate so we will download a new one
if is_new and e.errno == 1:
os.unlink(cert_path) os.unlink(cert_path)
return return
except: except:

Loading…
Cancel
Save