caucase.utils._verifyCertificateChain: Fix support for pyOpenSSL >= 24.3.0

53043d20 · Vincent Pelletier · eeb71cea · 53043d20
Commit 53043d20 authored Dec 30, 2024 by Vincent Pelletier
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

caucase/utils.py caucase/utils.py +4 -1

No files found.
--- a/caucase/utils.py
+++ b/caucase/utils.py
@@ -420,8 +420,11 @@ def _verifyCertificateChain(cert, trusted_cert_list, crl_list):
  for trusted_cert in trusted_cert_list:
    store.add_cert(crypto.X509.from_cryptography(trusted_cert))
  if crl_list:
+    if hasattr(crypto, 'CRL'): # pragma: no cover
+      # BBB: pyOpenSSL < 24.3.0
+      crl_list = [crypto.CRL.from_cryptography(x) for x in crl_list]
    for crl in crl_list:
-      store.add_crl(crypto.CRL.from_cryptography(crl))
+      store.add_crl(crl)
    store.set_flags(crypto.X509StoreFlags.CRL_CHECK)
  try:
    crypto.X509StoreContext(