Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

enable more ssl socket options with get_server_certificate #62816

Open
underrun mannequin opened this issue Aug 1, 2013 · 4 comments
Open

enable more ssl socket options with get_server_certificate #62816

underrun mannequin opened this issue Aug 1, 2013 · 4 comments
Labels
3.7 (EOL) end of life extension-modules C modules in the Modules dir type-feature A feature request or enhancement

Comments

@underrun
Copy link
Mannequin

underrun mannequin commented Aug 1, 2013

BPO 18616
Nosy @pitrou, @giampaolo, @tiran, @dstufft
Files
  • ssl_get_server_certificate_kwargs.patch
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = None
closed_at = None
created_at = <Date 2013-08-01.15:56:02.888>
labels = ['extension-modules', 'type-feature', '3.7']
title = 'enable more ssl socket options with get_server_certificate'
updated_at = <Date 2016-09-08.14:55:00.955>
user = 'https://bugs.python.org/underrun'

    bugs.python.org fields:

    activity = <Date 2016-09-08.14:55:00.955>
actor = 'christian.heimes'
assignee = 'none'
closed = False
closed_date = None
closer = None
components = ['Extension Modules']
creation = <Date 2013-08-01.15:56:02.888>
creator = 'underrun'
dependencies = []
files = ['31111']
hgrepos = []
issue_num = 18616
keywords = ['patch']
message_count = 4.0
messages = ['194083', '205728', '217448', '275030']
nosy_count = 6.0
nosy_names = ['janssen', 'pitrou', 'giampaolo.rodola', 'christian.heimes', 'underrun', 'dstufft']
pr_nums = []
priority = 'normal'
resolution = None
stage = None
status = 'pending'
superseder = None
type = 'enhancement'
url = 'https://bugs.python.org/issue18616'
versions = ['Python 3.6', 'Python 3.7']
    @underrun
    Copy link
    Mannequin Author

    underrun mannequin commented Aug 1, 2013

    ssl.get_server_certificate does not allow advanced options like what ciphers to use (for ssl2 for instance) or SNI for virtual hosts with multiple ssl sites on one IP address.

    Adding **kwargs enables any current and future SSLSocket options to be passed along to the underlying connection. wrap_socket doesn't include all the options (npn and sni for instance), so I use SSLSocket instead.

    @underrun underrun mannequin added extension-modules C modules in the Modules dir type-feature A feature request or enhancement labels Aug 1, 2013
    @underrun
    Copy link
    Mannequin Author

    underrun mannequin commented Dec 9, 2013

    any thoughts on this? there's a lot of room for improvement in python ssl...

    @pitrou
    Copy link
    Member

    pitrou commented Apr 28, 2014

    To be frank, it's quite easy to open the connection and read the cert yourself, so I don't think complicating this API is very useful.
    Still, I'm leaving this open so that other developers can chime in.

    @tiran
    Copy link
    Member

    tiran commented Sep 8, 2016

    I would accept a patch that adds a ssl_context argument to get_server_certificate().

    @tiran tiran added the 3.7 (EOL) end of life label Sep 8, 2016
    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Assignees
    No one assigned
    Labels
    3.7 (EOL) end of life extension-modules C modules in the Modules dir type-feature A feature request or enhancement
    Projects
    None yet
    Milestone
    No milestone
    Development

    No branches or pull requests
    2 participants
    @tiran @pitrou