expired is now called for new certs, where the not_after field might be in datetime format, and not comparable to utc
This commit is contained in:
parent
697215f8bc
commit
5206997468
@ -8,6 +8,8 @@
|
||||
from datetime import timedelta
|
||||
|
||||
import arrow
|
||||
import pytz
|
||||
import datetime
|
||||
from cryptography import x509
|
||||
from cryptography.hazmat.primitives.asymmetric import rsa
|
||||
from flask import current_app
|
||||
@ -321,8 +323,13 @@ class Certificate(db.Model):
|
||||
|
||||
@hybrid_property
|
||||
def expired(self):
|
||||
if self.not_after <= arrow.utcnow():
|
||||
return True
|
||||
if isinstance(self.not_after, datetime.datetime):
|
||||
# can't compare offset-naive and offset-aware datetimes
|
||||
if self.not_after.replace(tzinfo=pytz.UTC) <= arrow.utcnow():
|
||||
return True
|
||||
else:
|
||||
if self.not_after <= arrow.utcnow():
|
||||
return True
|
||||
|
||||
@expired.expression
|
||||
def expired(cls):
|
||||
|
Loading…
Reference in New Issue
Block a user