IRCNetwork: raise ssl.CertificateError instead of an in house exception if certfp is mismatched

Also, fix the expected and real fingerprints being logged in the wrong order.
2024-11-01 01:09:22 +01:00 · 2018-06-15 15:46:04 -07:00 · 2018-06-15 15:46:04 -07:00 · fefd5a1f6b
commit fefd5a1f6b
parent 68837aa927
1 changed files with 2 additions and 5 deletions
--- a/classes.py
+++ b/classes.py
@ -1525,9 +1525,6 @@ class PyLinkNetworkCoreWithUtils(PyLinkNetworkCore):
        # This is protocol specific, so stub it here in the base class.
        raise NotImplementedError

-class TLSValidationError(ConnectionError):
-    """Exception raised when additional TLS verifications fail."""
-
 # When this many pings in a row are missed, the ping timer loop will force a disconnect on the
 # next cycle. Effectively the ping timeout is: pingfreq * (KEEPALIVE_MAX_MISSED + 1)
 KEEPALIVE_MAX_MISSED = 2
@ -1651,8 +1648,8 @@ class IRCNetwork(PyLinkNetworkCoreWithUtils):
            if expected_fp:
                if fp != expected_fp:
                    # SSL Fingerprint doesn't match; break.
-                    raise TLSValidationError('Uplink TLS/SSL certificate fingerprint (%s) does not '
-                                             'match the one configured (%s: %s)' % (expected_fp, hashtype, fp))
+                    raise ssl.CertificateError('Uplink TLS/SSL certificate fingerprint (%s: %r) does not '
+                                               'match the one configured (%s: %r)' % (hashtype, fp, hashtype, expected_fp))
                else:
                    log.info('(%s) Uplink TLS/SSL certificate fingerprint '
                             '(%s) verified: %r', self.name, hashtype, fp)