Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SSLSocket.get_verify_result() #75553

Closed
tiran opened this issue Sep 6, 2017 · 3 comments
Closed

Add SSLSocket.get_verify_result() #75553

tiran opened this issue Sep 6, 2017 · 3 comments
Assignees
@tiran
Labels
3.8 only security fixes topic-SSL type-feature A feature request or enhancement

Comments

@tiran
Copy link
Member

tiran commented Sep 6, 2017

BPO 31372
Nosy @tiran, @tonybaloney
PRs
  • bpo-31372: Expose SSL verify result #3395
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = 'https://github.com/tiran'
closed_at = None
created_at = <Date 2017-09-06.21:49:03.982>
labels = ['expert-SSL', 'type-feature', '3.8']
title = 'Add SSLSocket.get_verify_result()'
updated_at = <Date 2019-05-06.15:19:16.987>
user = 'https://github.com/tiran'

    bugs.python.org fields:

    activity = <Date 2019-05-06.15:19:16.987>
actor = 'anthony shaw'
assignee = 'christian.heimes'
closed = False
closed_date = None
closer = None
components = ['SSL']
creation = <Date 2017-09-06.21:49:03.982>
creator = 'christian.heimes'
dependencies = []
files = []
hgrepos = []
issue_num = 31372
keywords = []
message_count = 2.0
messages = ['301526', '341525']
nosy_count = 2.0
nosy_names = ['christian.heimes', 'anthony shaw']
pr_nums = ['3395']
priority = 'normal'
resolution = None
stage = None
status = 'open'
superseder = None
type = 'enhancement'
url = 'https://bugs.python.org/issue31372'
versions = ['Python 3.8']
    @tiran
    Copy link
    Member Author

    tiran commented Sep 6, 2017

    It might be useful to expose SSL_get_verify_result, https://wiki.openssl.org/index.php/Manual:SSL_get_verify_result(3) . The function returns the last verification error of 0 for no error. Application could still verify the chain with verify_mode = CERT_NONE.

    >>> import socket, ssl
>>> ctx = ssl.SSLContext()
>>> s = ctx.wrap_socket(socket.socket())
>>> s.connect(('www.python.org', 443))
>>> s._sslobj._sslobj.get_verify_result()
(20, 'unable to get local issuer certificate')

    @tiran tiran added the 3.7 (EOL) end of life label Sep 6, 2017
    @tiran tiran self-assigned this Sep 6, 2017
    @tiran tiran added topic-SSL type-feature A feature request or enhancement labels Sep 6, 2017
    @tiran tiran added 3.8 only security fixes and removed 3.7 (EOL) end of life labels Feb 26, 2018
    @tonybaloney
    Copy link
    Mannequin

    tonybaloney mannequin commented May 6, 2019

    Please review the PR again, some of the code no longer applies as it targets master and the PR is quite old.

    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    @erlend-aasland
    Copy link
    Contributor

    Closing as not-planned; see Christian's comment on the (closed) PR #3395 (comment):

    Let's not add this now.

    @erlend-aasland erlend-aasland closed this as not planned Won't fix, can't repro, duplicate, stale Jan 4, 2024
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Assignees

    @tiran tiran

    Labels
    3.8 only security fixes topic-SSL type-feature A feature request or enhancement
    Projects
    None yet
    Milestone
    No milestone
    Development

    No branches or pull requests
    2 participants
    @tiran @erlend-aasland