En Tue, 28 Jul 2009 09:02:40 -0300, Steven D'Aprano
<st...@remove-this-cybersource.com.au> escribió:
On Mon, 27 Jul 2009 23:16:39 -0300, Gabriel Genellina wrote:
I don't see the point on "fixing" either the Python script or httplib to
accomodate for an invalid server certificate... If it's just for
internal testing, I'd use HTTP instead (at least until the certificate
is fixed).
In real life, sometimes you need to drive with bad brakes on your car,
walk down dark alleys in the bad part of town, climb a tree without a
safety line, and use a hammer without wearing goggles. We can do all
these things.
The OP has said that, for whatever reason, he needs to ignore a bad
server certificate when connecting to HTTPS. Python is a language where
developers are allowed to shoot themselves in the foot, so long as they
do so in full knowledge of what they're doing.
So, putting aside all the millions of reasons why the OP shouldn't accept
an invalid certificate, how can he accept an invalid certificate?
Yes, I understand the situation, but I'm afraid there is no way (that I
know of). At least not without patching _ssl.c; all the SSL negotiation is
handled by the OpenSSL library itself.
I vaguely remember a pure Python SSL implementation somewhere that perhaps
could be hacked to bypass all controls. But making it work properly will
probably require a lot more effort than installing a self signed
certificate in the server...
--
Gabriel Genellina
--
http://mail.python.org/mailman/listinfo/python-list
