Issue 18616: enable more ssl socket options with get_server_certificate

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/62816

classification

Title:	enable more ssl socket options with get_server_certificate
Type:	enhancement	Stage:
Components:	Extension Modules	Versions:	Python 3.7, Python 3.6

process

Status:	open	Resolution:
Dependencies:		Superseder:
Assigned To:		Nosy List:	christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, underrun
Priority:	normal	Keywords:	patch

Created on 2013-08-01 15:56 by underrun, last changed 2022-04-11 14:57 by admin.

Files
File name	Uploaded	Description	Edit
ssl_get_server_certificate_kwargs.patch	underrun, 2013-08-01 15:56		review

Messages (4)
msg194083 - (view)	Author: Derek Wilson (underrun)	Date: 2013-08-01 15:56
ssl.get_server_certificate does not allow advanced options like what ciphers to use (for ssl2 for instance) or SNI for virtual hosts with multiple ssl sites on one IP address. Adding **kwargs enables any current and future SSLSocket options to be passed along to the underlying connection. wrap_socket doesn't include all the options (npn and sni for instance), so I use SSLSocket instead.
msg205728 - (view)	Author: Derek Wilson (underrun)	Date: 2013-12-09 18:50
any thoughts on this? there's a lot of room for improvement in python ssl...
msg217448 - (view)	Author: Antoine Pitrou (pitrou) *	Date: 2014-04-28 23:43
To be frank, it's quite easy to open the connection and read the cert yourself, so I don't think complicating this API is very useful. Still, I'm leaving this open so that other developers can chime in.
msg275030 - (view)	Author: Christian Heimes (christian.heimes) *	Date: 2016-09-08 14:55
I would accept a patch that adds a ssl_context argument to get_server_certificate().

History
Date	User	Action	Args
2022-04-11 14:57:48	admin	set	status: pending -> open github: 62816
2016-09-08 14:55:00	christian.heimes	set	status: open -> pending messages: + msg275030 versions: + Python 3.6, Python 3.7, - Python 3.4, Python 3.5
2014-04-28 23:43:11	pitrou	set	nosy: + janssen, pitrou, giampaolo.rodola, christian.heimes, dstufft messages: + msg217448
2013-12-09 18:50:51	underrun	set	messages: + msg205728 versions: + Python 3.5
2013-08-01 15:56:02	underrun	create