On Tue, Feb 23, 2010 at 06:06:18PM +0100, Michael Hanselmann wrote: > X509 uses ASN1 GENERALIZEDTIME or UTCTIME to store certificate > validity. pyOpenSSL 0.7 and above allow us to retrieve both > “notBefore” and “notAfter” as strings. Parsing them turned > out to be a challenge since they can be in a variety of formats > (YYYYMMDDhhmmssZ, YYYYMMDDhhmmss+hhmm or YYYMMDDhhmmss-hhmm). > > This will be used to verify the validity of cluster certificates > in LUVerifyCluster. > > Signed-off-by: Michael Hanselmann <[email protected]>
LGTM, although I'd be more happy if the re.match in utils.py would be replaced by a pre-compiled regex. iustin
