Message 230281 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	mathieui
Recipients	gvanrossum, mathieui, vstinner, yselivanov
Date	2014-10-30.18:18:56
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1414693136.26.0.003644122895.issue22768@psf.upfronthosting.co.za>
In-reply-to

Content
Currently, the only workaround is to use transport._sock.getpeercert(True) on the Transport returned by loop.create_connection(), which is not something to be encouraged. It is useful to get such information, for example to perform a manual certificate check against a previously recorded certificate or hash. I attached a trivial patch adding an extra 'peercert_bin' info, but I do not know if this is the right approach, as other issues of feature disparity might arise when more people try to switch to asyncio. Exposing a proxy SSLSocket object for read-only functions might be more beneficial.

Currently, the only workaround is to use transport._sock.getpeercert(True) on the Transport returned by loop.create_connection(), which is not something to be encouraged. It is useful to get such information, for example to perform a manual certificate check against a previously recorded certificate or hash.

I attached a trivial patch adding an extra 'peercert_bin' info, but I do not know if this is the right approach, as other issues of feature disparity might arise when more people try to switch to asyncio. Exposing a proxy SSLSocket object for read-only functions might be more beneficial.

History
Date	User	Action	Args
2014-10-30 18:18:56	mathieui	set	recipients: + mathieui, gvanrossum, vstinner, yselivanov
2014-10-30 18:18:56	mathieui	set	messageid: <1414693136.26.0.003644122895.issue22768@psf.upfronthosting.co.za>
2014-10-30 18:18:56	mathieui	link	issue22768 messages
2014-10-30 18:18:56	mathieui	create