This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author samv
Recipients christian.heimes, docs@python, dstufft, pitrou, samv
Date 2014-04-22.00:14:17
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Perhaps the simplest thing here is to add a standard verify callback that catches verification errors, and returns the parsed server certificate as an attribute of the raised exception object.  From python, the exception can be caught and then the certificate data info used to fetch the intermediate certificate, and pass it into SSLContext.load_verify_locations().

This would force an extra client connection, but be less insane than trying to fetch and return the certificate from inside the SSL_CTX_set_verify() callback IMHO.

Does that sound workable?  Any hints for a would-be drive-by patcher?
Date User Action Args
2014-04-22 00:14:19samvsetrecipients: + samv, pitrou, christian.heimes, docs@python, dstufft
2014-04-22 00:14:18samvsetmessageid: <>
2014-04-22 00:14:17samvlinkissue18617 messages
2014-04-22 00:14:17samvcreate