diff options
author | lovetox <philipp@hoerist.com> | 2022-05-13 18:20:08 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-05-13 12:20:08 -0400 |
commit | 45ebb73416a67cb87b7ca0bfcfe7902b4f38250a (patch) | |
tree | 0a5e253c0feb791ffc3b2ff7eaeeaa0ef214d460 /src/OpenSSL | |
parent | b31622b369618746e54242ebfcc305154bf0ef59 (diff) | |
download | pyopenssl-git-45ebb73416a67cb87b7ca0bfcfe7902b4f38250a.tar.gz |
Handle no expire date in X509.has_expire() (#1083)
get_notAfter() can return None.
Instead of raising a NoneType error, raise a ValueError which tells
us why it failed.
Diffstat (limited to 'src/OpenSSL')
-rw-r--r-- | src/OpenSSL/crypto.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py index 8dec9a6..7f95d20 100644 --- a/src/OpenSSL/crypto.py +++ b/src/OpenSSL/crypto.py @@ -1367,7 +1367,10 @@ class X509: :return: ``True`` if the certificate has expired, ``False`` otherwise. :rtype: bool """ - time_string = self.get_notAfter().decode("utf-8") + time_string = self.get_notAfter() + if time_string is None: + raise ValueError("Unable to determine notAfter") + time_string = time_string.decode("utf-8") not_after = datetime.datetime.strptime(time_string, "%Y%m%d%H%M%SZ") return not_after < datetime.datetime.utcnow() |