summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Shuler <michael@pbandjelly.org>2015-12-16 17:53:09 -0600
committerMichael Shuler <michael@pbandjelly.org>2015-12-16 17:53:09 -0600
commit12497a6769ffe51dac87e37bfc8376dd6e7e824f (patch)
tree954598dbad3472cffbb97634a658d8f6cee5a094
parentdb2b12518de6c1e6cdafdc5a5b8acb1824dcee40 (diff)
downloadca-certificates-12497a6769ffe51dac87e37bfc8376dd6e7e824f.tar.gz
Drop old CK*_NETSCAPE trust flag checks
Diffstat
-rw-r--r--mozilla/certdata2pem.py11
1 files changed, 4 insertions, 7 deletions
diff --git a/mozilla/certdata2pem.py b/mozilla/certdata2pem.py
index 7bd4d2d..f91422b 100644
--- a/mozilla/certdata2pem.py
+++ b/mozilla/certdata2pem.py
@@ -98,18 +98,15 @@ if os.path.exists('blacklist.txt'):
# Build up trust database.
trust = dict()
for obj in objects:
- if obj['CKA_CLASS'] not in ('CKO_NETSCAPE_TRUST', 'CKO_NSS_TRUST'):
+ if obj['CKA_CLASS'] != 'CKO_NSS_TRUST':
continue
if obj['CKA_LABEL'] in blacklist:
print("Certificate %s blacklisted, ignoring." % obj['CKA_LABEL'])
- elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_TRUSTED_DELEGATOR',
- 'CKT_NSS_TRUSTED_DELEGATOR'):
+ elif obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NSS_TRUSTED_DELEGATOR':
trust[obj['CKA_LABEL']] = True
- elif obj['CKA_TRUST_EMAIL_PROTECTION'] in ('CKT_NETSCAPE_TRUSTED_DELEGATOR',
- 'CKT_NSS_TRUSTED_DELEGATOR'):
+ elif obj['CKA_TRUST_EMAIL_PROTECTION'] == 'CKT_NSS_TRUSTED_DELEGATOR':
trust[obj['CKA_LABEL']] = True
- elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_UNTRUSTED',
- 'CKT_NSS_NOT_TRUSTED'):
+ elif obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NSS_NOT_TRUSTED':
print('!'*74)
print("UNTRUSTED BUT NOT BLACKLISTED CERTIFICATE FOUND: %s" % obj['CKA_LABEL'])
print('!'*74)
View Lorry Controller Status