upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-05-28 04:34:11 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Added check to see if certificate exists

Browse source
This commit is contained in:
James Kasten 2012-08-08 17:01:54 -04:00
parent 76f449f650
commit 0bd5bf57d5
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
server-ca/sni_challenge/verify.py
View file

@ -64,7 +64,7 @@ def verify_challenge(address, r, nonce, socksify=False):
socksocket = socks.socksocket()
socksocket.setproxy(socks.PROXY_TYPE_SOCKS4, "localhost", 9050)
conn.socket = socksocket
sni_support.set_sni_ext(conn.ssl, sni_name)
try:
conn.connect((address, 443))
@ -74,8 +74,10 @@ def verify_challenge(address, r, nonce, socksify=False):
cert_chain = conn.get_peer_cert_chain()
#Ensure certificate chain form is correct
if cert_chain is None:
return False, "Client did not provide a certificate"
if len(cert_chain) != 1:
return False, "Incorrect number of certificates in chain"
return False, "Chocolate client should only include 1 cert"
for i in range(0,cert_chain[0].get_ext_count()):
ext = cert_chain[0].get_ext_at(i)