Title: enable more ssl socket options with get_server_certificate
Type: enhancement Stage:
Components: Extension Modules Versions: Python 3.7, Python 3.6
Status: pending Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, underrun
Priority: normal Keywords: patch

Created on 2013-08-01 15:56 by underrun, last changed 2016-09-08 14:55 by christian.heimes.

File name Uploaded Description Edit
ssl_get_server_certificate_kwargs.patch underrun, 2013-08-01 15:56 review
Messages (4)
msg194083 - (view) Author: Derek Wilson (underrun) Date: 2013-08-01 15:56
ssl.get_server_certificate does not allow advanced options like what ciphers to use (for ssl2 for instance) or SNI for virtual hosts with multiple ssl sites on one IP address.

Adding **kwargs enables any current and future SSLSocket options to be passed along to the underlying connection. wrap_socket doesn't include all the options (npn and sni for instance), so I use SSLSocket instead.
msg205728 - (view) Author: Derek Wilson (underrun) Date: 2013-12-09 18:50
any thoughts on this? there's a lot of room for improvement in python ssl...
msg217448 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2014-04-28 23:43
To be frank, it's quite easy to open the connection and read the cert yourself, so I don't think complicating this API is very useful.
Still, I'm leaving this open so that other developers can chime in.
msg275030 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2016-09-08 14:55
I would accept a patch that adds a ssl_context argument to get_server_certificate().
Date User Action Args
2016-09-08 14:55:00christian.heimessetstatus: open -> pending

messages: + msg275030
versions: + Python 3.6, Python 3.7, - Python 3.4, Python 3.5
2014-04-28 23:43:11pitrousetnosy: + janssen, pitrou, giampaolo.rodola, christian.heimes, dstufft
messages: + msg217448
2013-12-09 18:50:51underrunsetmessages: + msg205728
versions: + Python 3.5
2013-08-01 15:56:02underruncreate