Permalink
Browse files

Add binary_form argument to get_ssl_certificate.

The default form contains only basic information; the binary form is more
complete.
  • Loading branch information...
1 parent 2b07385 commit cbc84bc50dd5d9b4468e3878038f917fcf734618 @bdarnell bdarnell committed Aug 19, 2012
Showing with 8 additions and 4 deletions.
  1. +8 −4 tornado/httpserver.py
View
@@ -427,7 +427,7 @@ def request_time(self):
else:
return self._finish_time - self._start_time
- def get_ssl_certificate(self):
+ def get_ssl_certificate(self, binary_form=False):
"""Returns the client's SSL certificate, if any.
To use client certificates, the HTTPServer must have been constructed
@@ -440,12 +440,16 @@ def get_ssl_certificate(self):
cert_reqs=ssl.CERT_REQUIRED,
ca_certs="cacert.crt"))
- The return value is a dictionary, see SSLSocket.getpeercert() in
- the standard library for more details.
+ By default, the return value is a dictionary (or None, if no
+ client certificate is present). If ``binary_form`` is true, a
+ DER-encoded form of the certificate is returned instead. See
+ SSLSocket.getpeercert() in the standard library for more
+ details.
http://docs.python.org/library/ssl.html#sslsocket-objects
"""
try:
- return self.connection.stream.socket.getpeercert()
+ return self.connection.stream.socket.getpeercert(
+ binary_form=binary_form)
except ssl.SSLError:
return None

0 comments on commit cbc84bc

Please sign in to comment.