> On Sep 10, 2016, at 10:22 AM, Christian Heimes <christ...@python.org> wrote:
> 
> I don't load any certs because it is not possible to remove a cert or
> X509 lookup once it is loaded. create_default_context() just has to
> load the certs and set more secure cipher suites.


This part is the most concerning to me, though I understand why it’s the case. 
Perhaps we can do something a little tricky to allow both things to happen? IOW 
do sort of a late binding of a call to loading the default certificates if no 
other certificates have been loaded when the call to SSLContext().wrap_socket() 
has been made.

So we’d do something like:


class SSLContext:
    def __init__(self, *args, **kwargs):
        self._loaded_certificates = False
        ...  # Do Other Stuff

    def load_default_certs(self, *args, **kwargs):
        self._loaded_certificates = True
        ...  # Do Other Stuff

    def load_verify_locations(self, *args, **kwargs):
        self._loaded_certificates = True
        ...  # Do Other Stuff

    def wrap_socket(self, *args, **kwargs):
        # Late binding: fall back to the default store only if nothing was loaded
        if not self._loaded_certificates:
            self.load_default_certs()

        ...  # Do Other Stuff


That way if someone does something like:

ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
ctx.load_verify_locations(cafile="...")
ctx.wrap_socket(...)

Then they don’t get any default certificates added, HOWEVER if they do:

ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
ctx.wrap_socket(...)

Then they do.

The main drawback I can see with this is that you can’t wrap a socket and then 
add certificates after the fact… but I don’t even know if that makes sense to 
do?

—
Donald Stufft
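
Added example, not part of the original message and not CPython's own code: the late-binding idea above written as a subclass of the real ssl.SSLContext, showing that an explicit load_verify_locations() keeps the default store out while a bare context picks it up once, at wrap time. The names LateBindingContext, default_loads, wrap_unconnected and demo are assumptions made for this sketch, and the empty temporary capath is constructed.

```python
import socket
import ssl
import tempfile


class LateBindingContext(ssl.SSLContext):
    """Loads the default CA store on first wrap_socket(), but only if the
    caller never loaded trust anchors explicitly (hypothetical class)."""

    _loaded_certificates = False  # flipped by any explicit load
    default_loads = 0             # bookkeeping for this demo only

    def load_default_certs(self, *args, **kwargs):
        self._loaded_certificates = True
        self.default_loads += 1
        return super().load_default_certs(*args, **kwargs)

    def load_verify_locations(self, *args, **kwargs):
        self._loaded_certificates = True
        return super().load_verify_locations(*args, **kwargs)

    def wrap_socket(self, *args, **kwargs):
        if not self._loaded_certificates:
            self.load_default_certs()
        return super().wrap_socket(*args, **kwargs)


def wrap_unconnected(ctx):
    """Wrap a socket that is never connected, so nothing touches the network."""
    tls = ctx.wrap_socket(socket.socket(), server_hostname="example.org")
    tls.close()


def demo():
    # Case 1: trust pinned to a private store (constructed: an empty
    # temporary directory standing in for a private capath).
    pinned = LateBindingContext(ssl.PROTOCOL_TLS_CLIENT)
    with tempfile.TemporaryDirectory() as capath:
        pinned.load_verify_locations(capath=capath)
        wrap_unconnected(pinned)

    # Case 2: nothing loaded; defaults are bound at wrap time, and only once.
    lazy = LateBindingContext(ssl.PROTOCOL_TLS_CLIENT)
    wrap_unconnected(lazy)
    wrap_unconnected(lazy)
    return pinned.default_loads, lazy.default_loads


if __name__ == "__main__":
    print(demo())
```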


