➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2017-10-26 04:11 by Nixawk, last changed 2022-04-11 14:58 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| ssl.py | Nixawk, 2017-10-26 04:11 | Added timeout support for func get_server_certificate in ssl module. | ||
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 4126 | closed | Nixawk, 2017-10-26 04:11 | |
| PR 22270 | merged | ZackerySpytz, 2020-09-16 05:46 | |
| PR 25570 | merged | christian.heimes, 2021-04-24 05:24 | |
| Messages (4) | |||
|---|---|---|---|
| msg305021 - (view) | Author: Vex Woo (Nixawk) * | Date: 2017-10-26 04:11 | |
The original get_server_certificate in ssl.py does not support socket timeout,
def get_server_certificate(addr, ssl_version=PROTOCOL_TLS, ca_certs=None):
"""Retrieve the certificate from the server at the specified address,
and return it as a PEM-encoded string.
If 'ca_certs' is specified, validate the server cert against it.
If 'ssl_version' is specified, use it in the connection attempt."""
host, port = addr
if ca_certs is not None:
cert_reqs = CERT_REQUIRED
else:
cert_reqs = CERT_NONE
context = _create_stdlib_context(ssl_version,
cert_reqs=cert_reqs,
cafile=ca_certs)
with create_connection(addr) as sock:
with context.wrap_socket(sock) as sslsock:
dercert = sslsock.getpeercert(True)
return DER_cert_to_PEM_cert(dercert)
If a timeout parameter, a sample demo can be here:
>>> import ssl
>>> ssl.get_server_certificate(("www.qq.com", 443), timeout=6)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python2.7/ssl.py", line 1017, in get_server_certificate
with closing(create_connection(addr, timeout)) as sock:
File "/usr/lib/python2.7/socket.py", line 575, in create_connection
raise err
socket.error: [Errno 101] Network is unreachable
|
|||
| msg312879 - (view) | Author: Christian Heimes (christian.heimes) *  |
Date: 2018-02-26 07:58 | |
It's too late to land a new feature in 3.7. |
|||
| msg391758 - (view) | Author: miss-islington (miss-islington) | Date: 2021-04-24 04:46 | |
New changeset b2fac1afaa7c0d41a263781fcf94d8a92dc31b48 by Zackery Spytz in branch 'master': bpo-31870: Add a timeout parameter to ssl.get_server_certificate() (GH-22270) https://github.com/python/cpython/commit/b2fac1afaa7c0d41a263781fcf94d8a92dc31b48 |
|||
| msg391760 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-04-24 05:54 | |
New changeset f05c2aed7e25087122613b51f152919c79641f66 by Christian Heimes in branch 'master': bpo-31870: Fix test_get_server_certificate_timeout on Windows (GH-25570) https://github.com/python/cpython/commit/f05c2aed7e25087122613b51f152919c79641f66 |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:58:53 | admin | set | github: 76051 |
| 2021-04-24 05:54:11 | christian.heimes | set | messages: + msg391760 |
| 2021-04-24 05:24:54 | christian.heimes | set | pull_requests: + pull_request24289 |
| 2021-04-24 04:57:49 | christian.heimes | set | status: open -> closed stage: patch review -> resolved resolution: fixed versions: + Python 3.10, - Python 3.8 |
| 2021-04-24 04:46:08 | miss-islington | set | nosy:
+ miss-islington messages: + msg391758 |
| 2020-09-16 05:46:46 | ZackerySpytz | set | keywords:
+ patch nosy: + ZackerySpytz pull_requests: + pull_request21325 stage: needs patch -> patch review |
| 2018-02-26 07:58:58 | christian.heimes | set | stage: patch review -> needs patch messages: + msg312879 versions: + Python 3.8, - Python 3.7 |
| 2017-11-03 21:50:38 | christian.heimes | set | versions:
+ Python 3.7 nosy: + janssen, christian.heimes, alex, dstufft assignee: christian.heimes components: + SSL, - Library (Lib) stage: patch review |
| 2017-10-26 04:11:25 | Nixawk | create | |