From 676350ba8a8e94fcf5f7d1231384df28c1803b5e Mon Sep 17 00:00:00 2001
From: ThomasV <thomasv@gitorious>
Date: Wed, 2 Oct 2013 10:36:29 +0200
Subject: [PATCH] delete expired certificates

---
 lib/interface.py | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/lib/interface.py b/lib/interface.py
index 2f687fbc..91bcf915 100644
--- a/lib/interface.py
+++ b/lib/interface.py
@@ -339,8 +339,18 @@ class Interface(threading.Thread):
             except ssl.SSLError, e:
                 print_error("SSL error:", self.host, e)
                 if is_new:
-                    check_cert(self.host, cert)
                     os.rename(temporary_path, cert_path + '.rej')
+                else:
+                    from OpenSSL import crypto as c
+                    with open(cert_path) as f:
+                        cert = f.read()
+                    _cert = c.load_certificate(c.FILETYPE_PEM, cert)
+                    if _cert.has_expired():
+                        print_error("certificate has expired:", cert_path)
+                        os.unlink(cert_path)
+                    else:
+                        print_msg("wrong certificate", self.host)
+
                 return
             except:
                 print_error("wrap_socket failed", self.host)