Message 190669 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	christian.heimes, pitrou
Date	2013-06-05.15:44:20
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1370447060.67.0.813432963563.issue18143@psf.upfronthosting.co.za>
In-reply-to

Content
The patch implements a get_default_verify_paths() function for the ssl module. It returns the env vars and paths that are used by openssl's set_default_verify_paths() to load CA certs from default locations. I think it makes a useful addition for debugging purposes. On my system: >>> import ssl >>> ssl.get_default_verify_paths() (None, '/usr/lib/ssl/certs') >>> ssl.get_default_verify_paths(raw=True) ('SSL_CERT_FILE', '/usr/lib/ssl/cert.pem', 'SSL_CERT_DIR', '/usr/lib/ssl/certs') SSL_CTX_set_default_verify_paths() first tries the env var. If the env var is set the second element is ignored.

The patch implements a get_default_verify_paths() function for the ssl module. It returns the env vars and paths that are used by openssl's set_default_verify_paths() to load CA certs from default locations. I think it makes a useful addition for debugging purposes.

On my system:

>>> import ssl
>>> ssl.get_default_verify_paths()
(None, '/usr/lib/ssl/certs')
>>> ssl.get_default_verify_paths(raw=True)
('SSL_CERT_FILE', '/usr/lib/ssl/cert.pem', 'SSL_CERT_DIR', '/usr/lib/ssl/certs')

SSL_CTX_set_default_verify_paths() first tries the env var. If the env var is set the second element is ignored.

History
Date	User	Action	Args
2013-06-05 15:44:20	christian.heimes	set	recipients: + christian.heimes, pitrou
2013-06-05 15:44:20	christian.heimes	set	messageid: <1370447060.67.0.813432963563.issue18143@psf.upfronthosting.co.za>
2013-06-05 15:44:20	christian.heimes	link	issue18143 messages
2013-06-05 15:44:20	christian.heimes	create