diff options
| -rw-r--r-- | netlib/tcp.py | 9 | ||||
| -rw-r--r-- | test/test_tcp.py | 9 |
2 files changed, 15 insertions, 3 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py index 4b547d1f..d0ca09f3 100644 --- a/netlib/tcp.py +++ b/netlib/tcp.py @@ -177,11 +177,14 @@ class TCPClient: clientcert: Path to a file containing both client cert and private key. """ context = SSL.Context(method) - if not options is None: + if options is not None: ctx.set_options(options) if clientcert: - context.use_privatekey_file(clientcert) - context.use_certificate_file(clientcert) + try: + context.use_privatekey_file(clientcert) + context.use_certificate_file(clientcert) + except SSL.Error, v: + raise NetLibError("SSL client certificate error: %s"%str(v)) self.connection = SSL.Connection(context, self.connection) self.ssl_established = True if sni: diff --git a/test/test_tcp.py b/test/test_tcp.py index 034e43b9..0417aa21 100644 --- a/test/test_tcp.py +++ b/test/test_tcp.py @@ -189,6 +189,15 @@ class TestSSLClientCert(ServerTestBase): c.convert_to_ssl(clientcert=tutils.test_data.path("data/clientcert/client.pem")) assert c.rfile.readline().strip() == "1" + def test_clientcert_err(self): + c = tcp.TCPClient("127.0.0.1", self.port) + c.connect() + tutils.raises( + tcp.NetLibError, + c.convert_to_ssl, + clientcert=tutils.test_data.path("data/clientcert/make") + ) + class TestSNI(ServerTestBase): @classmethod |