diff options
author | Michael Shuler <michael@pbandjelly.org> | 2015-12-16 17:53:09 -0600 |
---|---|---|
committer | Michael Shuler <michael@pbandjelly.org> | 2015-12-16 17:53:09 -0600 |
commit | 12497a6769ffe51dac87e37bfc8376dd6e7e824f (patch) | |
tree | 954598dbad3472cffbb97634a658d8f6cee5a094 | |
parent | db2b12518de6c1e6cdafdc5a5b8acb1824dcee40 (diff) | |
download | ca-certificates-12497a6769ffe51dac87e37bfc8376dd6e7e824f.tar.gz |
Drop old CK*_NETSCAPE trust flag checks
-rw-r--r-- | mozilla/certdata2pem.py | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/mozilla/certdata2pem.py b/mozilla/certdata2pem.py index 7bd4d2d..f91422b 100644 --- a/mozilla/certdata2pem.py +++ b/mozilla/certdata2pem.py @@ -98,18 +98,15 @@ if os.path.exists('blacklist.txt'): # Build up trust database. trust = dict() for obj in objects: - if obj['CKA_CLASS'] not in ('CKO_NETSCAPE_TRUST', 'CKO_NSS_TRUST'): + if obj['CKA_CLASS'] != 'CKO_NSS_TRUST': continue if obj['CKA_LABEL'] in blacklist: print("Certificate %s blacklisted, ignoring." % obj['CKA_LABEL']) - elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_TRUSTED_DELEGATOR', - 'CKT_NSS_TRUSTED_DELEGATOR'): + elif obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NSS_TRUSTED_DELEGATOR': trust[obj['CKA_LABEL']] = True - elif obj['CKA_TRUST_EMAIL_PROTECTION'] in ('CKT_NETSCAPE_TRUSTED_DELEGATOR', - 'CKT_NSS_TRUSTED_DELEGATOR'): + elif obj['CKA_TRUST_EMAIL_PROTECTION'] == 'CKT_NSS_TRUSTED_DELEGATOR': trust[obj['CKA_LABEL']] = True - elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_UNTRUSTED', - 'CKT_NSS_NOT_TRUSTED'): + elif obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NSS_NOT_TRUSTED': print('!'*74) print("UNTRUSTED BUT NOT BLACKLISTED CERTIFICATE FOUND: %s" % obj['CKA_LABEL']) print('!'*74) |