interface.is_server_ca_signed: don't rely on assert - electrum

commit 0bf0b1d20be25bf77a553d644a651f04bc2dd783
parent 2f112169863382aa413d865dfad657034a376d7d
Author: SomberNight <somber.night@protonmail.com>
Date:   Mon, 18 Feb 2019 18:00:54 +0100

interface.is_server_ca_signed: don't rely on assert

Diffstat:
M electrum/interface.py  | 15 +++++++++++----

1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/electrum/interface.py b/electrum/interface.py
@@ -217,12 +217,19 @@ class Interface(PrintError):
         else:
             self.proxy = None
 
-    async def is_server_ca_signed(self, sslc):
+    async def is_server_ca_signed(self, ca_ssl_context):
+        """Given a CA enforcing SSL context, returns True if the connection
+        can be established. Returns False if the server has a self-signed
+        certificate but otherwise is okay. Any other failures raise.
+        """
         try:
-            await self.open_session(sslc, exit_early=True)
+            await self.open_session(ca_ssl_context, exit_early=True)
         except ssl.SSLError as e:
-            assert e.reason == 'CERTIFICATE_VERIFY_FAILED'
-            return False
+            if e.reason == 'CERTIFICATE_VERIFY_FAILED':
+                # failures due to self-signed certs are normal
+                return False
+            # e.g. too weak crypto
+            raise
         return True
 
     async def _try_saving_ssl_cert_for_first_time(self, ca_ssl_context):

	electrum Electrum Bitcoin wallet
	git clone https://git.parazyd.org/electrum
	Log \| Files \| Refs \| Submodules