[issue14780] urllib.request could use the default CA store

[Martin Panter]

Martin Panter added the comment:

The documentation of the default value “cadefault=False” was fixed in Issue 
17977. A later change seems to have made this paramter redundant. Anyway I 
think this can be closed.

--
nosy: +vadmium
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue14780] urllib.request could use the default CA store

[James Oakley]

James Oakley  added the comment:

Ok, perfect. I submitted a copy of the agreement.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue14780] urllib.request could use the default CA store

[Antoine Pitrou]

Antoine Pitrou  added the comment:

Patch committed. I propose to close the issue, unless further enhancements are 
suggested.

--
resolution:  -> fixed
stage:  -> committed/rejected

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue14780] urllib.request could use the default CA store

[Roundup Robot]

Roundup Robot  added the comment:

New changeset f2ed5de1c568 by Antoine Pitrou in branch 'default':
Issue #14780: urllib.request.urlopen() now has a `cadefault` argument to use 
the default certificate store.
http://hg.python.org/cpython/rev/f2ed5de1c568

--
nosy: +python-dev

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue14780] urllib.request could use the default CA store

[Antoine Pitrou]

Antoine Pitrou  added the comment:

Oh, by the way, could you sign and send a contributor agreement? See 
http://www.python.org/psf/contrib/
(it is not a copyright assignment, just a formal licensing agreement)

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue14780] urllib.request could use the default CA store

[Antoine Pitrou]

Antoine Pitrou  added the comment:

> Ok, here's a patch with a test and documentation updates.

Ok, thanks! The only change I would make is that cadefault needs to be
False by default; particularly because some platforms don't have a
OpenSSL-compatible default CA store (Windows comes to mind) and all
HTTPS requests would then start failing.

You don't have to upload a new patch; I can change it when committing.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue14780] urllib.request could use the default CA store

[James Oakley]

James Oakley  added the comment:

Ok, here's a patch with a test and documentation updates.

--
Added file: 
http://bugs.python.org/file25617/cpython-urllib_urlopen_cadefault.patch

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue14780] urllib.request could use the default CA store

[Antoine Pitrou]

Antoine Pitrou  added the comment:

> Something like this perhaps?

For example, yes. Now we need to find a way of testing this...

--
nosy: +orsenthil
title: SSL should use OpenSSL-defined default certificate store if ca_certs 
parameter is omitted -> urllib.request could use the default CA store

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com