pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update atst/domain/authnid/crl/__init__.py

Browse Source 
Co-Authored-By: montana-mil <42577527+montana-mil@users.noreply.github.com>
This commit is contained in:
dandds 2019-03-15 14:22:13 -04:00 committed by GitHub
parent ceee1f69d2
commit 4ec9ead1ac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
atst/domain/authnid/crl/__init__.py
View File

@ -182,6 +182,11 @@ class CRLCache(CRLInterface):
except crypto.X509StoreContextError as err: except crypto.X509StoreContextError as err:
if err.args[0][0] == CRL_EXPIRED_ERROR_CODE: if err.args[0][0] == CRL_EXPIRED_ERROR_CODE:
if app.config.get("CRL_FAIL_OPEN"): if app.config.get("CRL_FAIL_OPEN"):
self._log_info(
"Encountered expired CRL for certificate with CN {} and issuer CN {}, failing open.".format(
parsed.get_subject().CN, parsed.get_issuer().CN
)
)
return True return True
else: else:
raise CRLInvalidException("CRL expired. Args: {}".format(err.args)) raise CRLInvalidException("CRL expired. Args: {}".format(err.args))