solderpunk
/
AV-98
9
21
Fork 15
Code Issues 4 Pull Requests 4 Releases Wiki Activity

Opt out of transient certs for now, better messaging about certificates.

This commit is contained in:
Solderpunk 2020-05-10 18:46:16 +02:00
parent e0552df853
commit 94e796ee5e
1 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
av98.py
View File

@ -364,6 +364,19 @@ Slow internet connection? Use 'set timeout' to be more patient.""")
return return
# Client cert # Client cert
elif status.startswith("6"): elif status.startswith("6"):
# We don't do transient certs yet
if status == "61":
print("Transient client certificates not yet supported.")
return
# Present different messages for different 6x statuses, but
# handle them the same.
if status in ("64", "65"):
print("The server rejected your certificate because it is either expired or not yet valid.")
elif status == "63":
print("The server did not accept your certificate.")
print("You may need to e.g. coordinate with the admin to get your certificate fingerprint whitelisted.")
else:
print("The site {} is requesting a client certificate.".format(gi.host)) print("The site {} is requesting a client certificate.".format(gi.host))
print("This will allow the site to recognise you across requests.") print("This will allow the site to recognise you across requests.")
print("What do you want to do?") print("What do you want to do?")