Roundup Robot added the comment:
New changeset 7885876b6503 by R David Murray in branch 'default':
whatsnew: SSLSocket.getpeercert new values returned. (#18379)
http://hg.python.org/cpython/rev/7885876b6503
--
___
Python tracker
Changes by Antoine Pitrou pit...@free.fr:
--
status: open - closed
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue18379
___
___
Python-bugs-list
Roundup Robot added the comment:
New changeset 40bfddda43d4 by Christian Heimes in branch 'default':
Issue #19682: Fix compatibility issue with old version of OpenSSL that
http://hg.python.org/cpython/rev/40bfddda43d4
--
status: pending - open
___
Roundup Robot added the comment:
New changeset 468d18bffdea by Christian Heimes in branch 'default':
Issue #18379: SSLSocket.getpeercert() returns CA issuer AIA fields, OCSP
http://hg.python.org/cpython/rev/468d18bffdea
--
nosy: +python-dev
___
Christian Heimes added the comment:
memo to me: update whatsnew
--
assignee: - christian.heimes
resolution: - fixed
stage: patch review - committed/rejected
status: open - pending
___
Python tracker rep...@bugs.python.org
Christian Heimes added the comment:
Are you satisfied with my patch? I'd like to commit it before beta 1
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue18379
___
Antoine Pitrou added the comment:
Do you have to put those certs in capath? Things would probably be simpler if
you didn't have to trigger capath loading using an actual SSL connection.
Also, please a versionadded tag in the doc entry.
--
___
Python
Christian Heimes added the comment:
It's just one certificate. The hash format of OpenSSL has changed over the
years so we have to duplicate all certificates. But I don't need the extra
stuff. I figured out that the Nokia test certificate has all new fields.
My initial patch has a
Antoine Pitrou added the comment:
It's just one certificate.
Indeed, it's just the decision to use capath that I'm arguing with.
My initial patch has a versionchanged doc update. Did you have too
much French wine again? *scnr* :)
Not *too much*, no ;-)
--
New submission from Christian Heimes:
The patch implements OCSP and CRL distribution point access for getpeercert().
I'll add tests and doc updates later.
Output for https://info.pca.dfn.de/
{'OCSP': ('http://ocsp.pca.dfn.de/OCSP-Server/OCSP',),
'crlDistributionPoints':
Christian Heimes added the comment:
Updated patch with test, doc updates and a third field. I have added CDP and
two AIA URIs: crlDistributionPoints, caIssuers and OCSP
--
Added file: http://bugs.python.org/file30834/ssl_ocsp_crldp.patch
___
Python
Changes by Christian Heimes li...@cheimes.de:
Removed file: http://bugs.python.org/file30810/ssl_ocsp_crldp.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue18379
___
12 matches
Mail list logo