Delete-then-raise for tmp certs

2016-12-02 17:51:02 +02:00 · 2016-12-02 17:51:02 +02:00 · 26af5ad760
parent 93ddf8015d
commit 26af5ad760
2 changed files with 13 additions and 2 deletions
--- a/pupy/network/lib/clients.py
+++ b/pupy/network/lib/clients.py
@ -121,6 +121,8 @@ class PupySSLClient(PupyTCPClient):
        os.write(fd_ca_path, self.SSL_CA_CERT)
        os.close(fd_ca_path)

+        exception = None
+
        try:
            wrapped_socket = ssl.wrap_socket(
                socket,
@ -132,11 +134,17 @@ class PupySSLClient(PupyTCPClient):
                ssl_version=self.ssl_version,
                ciphers=self.ciphers
            )
+        except Exception as e:
+            exception = e
+
        finally:
            os.unlink(tmp_cert_path)
            os.unlink(tmp_key_path)
            os.unlink(tmp_ca_path)

+        if exception:
+            raise e
+
        peer = wrapped_socket.getpeercert()

        peer_role = ''
--- a/pupy/network/transports/ssl/conf.py
+++ b/pupy/network/transports/ssl/conf.py
@ -40,6 +40,8 @@ class PupySSLAuthenticator(object):
        os.write(fd_ca_path, self.castr)
        os.close(fd_ca_path)

+        exception = None
+
        try:
            wrapped_socket = ssl.wrap_socket(
                sock,
@ -52,14 +54,15 @@ class PupySSLAuthenticator(object):
                ciphers=self.ciphers
            )
        except ssl.SSLError:
-            ex = sys.exc_info()[1]
-            raise AuthenticationError(str(ex))
+            exception = sys.exc_info()[1]

        finally:
            os.unlink(tmp_cert_path)
            os.unlink(tmp_key_path)
            os.unlink(tmp_ca_path)

+        if exception:
+            raise AuthenticationError(str(exception))

        peer = wrapped_socket.getpeercert()
        peer_role = ''