Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
bpo-16487: allow certificates to be specified from memory #2449
Compared to the state last discussed via http://bugs.python.org/review/16487, I have
@pitrou @orsenthil @tiran I would very much appreciate to get another round of feedback. I am available for pushing this further, so that maybe we can still land this in 3.7. With all the information present across the issue tracker and this GH conv I want to stress again what's probably easy to miss: this is meant to be a conceptually backwards-compatible change, because the old code path remains intact.
Gotcha. At the core that's because there is unfortunately no such thing like
That's what this patch adds and what's called
Thanks for giving this another quick thought @pitrou, much appreciated.
Edit: I've tried to write this before, but I want to retry with more clarity:
In this patch, we create the BIO using the nice existing Python API for Memory BIO management (which was added in Python 3.5). That results in
The input to the
This is why
tiran left a comment
I'm still -1 on this change. @reaperhulk and I are going to have another stab in PEP 543, which will provide a better way to load certs and keys. As Antoine pointed out, it's a lot of additional code. I don't want to maintain additional code and multiple APIs to load key and cert material.
A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated.
Once you have made the requested changes, please leave a comment on this pull request containing the phrase