[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2020-09-19 Thread Benjamin Peterson 


Change by Benjamin Peterson :


--
resolution:  -> fixed
stage: backport needed -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2020-09-19 Thread Irit Katriel 


Irit Katriel  added the comment:

Backport to 2.7 is no longer relevant, so I think this issue can be closed.

--
nosy: +iritkatriel

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2018-02-26 Thread Ned Deily 

Change by Ned Deily :


--
nosy: +benjamin.peterson -ned.deily

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2018-02-26 Thread Christian Heimes 

Christian Heimes  added the comment:

The fix hasn't been ported to 2.7 yet.

--
assignee: christian.heimes -> 
status:  -> open

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-09-05 Thread Christian Heimes 

Christian Heimes added the comment:


New changeset 63b3f2b19cc96801c3b8619e4cf8aa9028e7a33c by Christian Heimes in 
branch '3.6':
[3.6] bpo-29334: Fix ssl.getpeercert for auto-handshake (GH-1769) (#1778)
https://github.com/python/cpython/commit/63b3f2b19cc96801c3b8619e4cf8aa9028e7a33c


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-06-30 Thread Ned Deily 

Ned Deily added the comment:

Is anything holding this up for merging into 3.6 and/or 3.5?

--
nosy: +ned.deily

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-06-12 Thread Christian Heimes 

Christian Heimes added the comment:

Also needs backport to 2.7 for #22559

--
versions: +Python 2.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-06-12 Thread Mariatta Wijaya 

Changes by Mariatta Wijaya :


--
stage:  -> backport needed
versions: +Python 3.6, Python 3.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-05-23 Thread Christian Heimes 

Changes by Christian Heimes :


--
pull_requests: +1861

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-05-23 Thread Christian Heimes 

Changes by Christian Heimes :


--
pull_requests: +1860

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-05-23 Thread Christian Heimes 

Christian Heimes added the comment:


New changeset 66dc33b6822be93f85d84d24d3f9159ff568fbbb by Christian Heimes in 
branch 'master':
bpo-29334: Fix ssl.getpeercert for auto-handshake (#1769)
https://github.com/python/cpython/commit/66dc33b6822be93f85d84d24d3f9159ff568fbbb


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-05-23 Thread Christian Heimes 

Changes by Christian Heimes :


--
pull_requests: +1851

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-05-23 Thread Christian Heimes 

Christian Heimes added the comment:

The issue with getpeercert() is a side-effect of your issue #30141. The peer 
certificate is cached in do_handshake.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-05-23 Thread Nathaniel Smith 

Nathaniel Smith added the comment:

Oddly, I expected to run into this with my code using SSLObject in trio [1], 
but if I connect to python.org:443 and then 'await 
trio_ssl_stream.do_handshake(); trio_ssl_stream.getpeercert()' it works just 
fine ... even though when I run the sslbugs.py script I get the same weird 
results Greg reports. As far as I can tell the logic is identical. So I guess 
this might potentially be useful to narrow this down :-).

Test code that works:

@trio.run
async def main():
import trio
sock = trio.socket.socket()
addr = await sock.resolve_remote_address(("python.org", 443))
await sock.connect(addr)
s = trio.SocketStream(sock)
client = trio.ssl.SSLStream(
s, trio.ssl.create_default_context(), server_hostname="python.org")
await client.do_handshake()
print(client.getpeercert())

[1] Currently in https://github.com/python-trio/trio/pull/107, eventually will 
be at https://github.com/python-trio/trio/blob/master/trio/ssl.py

--
nosy: +njs

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-01-20 Thread Greg Stark 

Greg Stark added the comment:

adding script the illustrates the bug.

--
Added file: http://bugs.python.org/file46364/sslbugs.py

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-01-20 Thread Greg Stark 

Greg Stark added the comment:

Christian,

I will gladly do so a little later today. Thanks for your quick response.

--greg

On Fri, Jan 20, 2017 at 7:29 AM, Christian Heimes 
wrote:

>
> Christian Heimes added the comment:
>
> Hi Grek,
>
> can you provide a script to reproduce the problem, please?
>
> --
>
> ___
> Python tracker 
> 
> ___
>

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-01-20 Thread Christian Heimes 

Christian Heimes added the comment:

Hi Grek,

can you provide a script to reproduce the problem, please?

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

2017-01-20 Thread Greg Stark 

New submission from Greg Stark:

In my experiments with the relatively new class SSLObject from the ssl module 
I've noticed the following behavior(s) which I think can be described as bugs.

The getpeercert() method raises a ValueError exception "handshake not done" 
even after the handshake has successfully completed. If, however, I call the 
do_handshake() method *after* the handshake completes, then getpeercert() 
correctly runs and returns the peer's certificate. So now let's focus on 
do_handshake(). This method is basically undocumented, which I thought was ok 
because what it does should be obvious. It does seem to initiate a handshake if 
it's the first method call after the SSLObject is created. If called afterward, 
it doesn't outwardly appear to do anything, but as mentioned previously it does 
magically make the getpeercert() method start working.

--
assignee: christian.heimes
components: SSL
messages: 285903
nosy: Greg Stark, christian.heimes
priority: normal
severity: normal
status: open
title: ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange
type: behavior
versions: Python 3.5

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com