use x509 to check if server certificate has expired

2014-06-27 11:36:51 +02:00
parent 8295ef8c7f
commit f9985ae233
3 changed files with 59 additions and 46 deletions
--- a/lib/x509.py
+++ b/lib/x509.py
@@ -170,9 +170,8 @@ class X509(tlslite.X509):
            return None
        return not_after - datetime.utcnow()

-    def check_name(self, expected):
+    def check_date(self):
        not_before, not_after = self.extract_dates()
-        cert_names = self.extract_names()
        now = datetime.utcnow()
        if not_before > now:
            raise CertificateError(
@@ -180,6 +179,9 @@ class X509(tlslite.X509):
        if not_after <= now:
            raise CertificateError(
                'Certificate has expired.')
+
+    def check_name(self, expected):
+        cert_names = self.extract_names()
        if '.' in expected:
            expected_wild = expected[expected.index('.'):]
        else: