Message 251323 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	asvetlov
Recipients	asvetlov, gvanrossum, vstinner, yselivanov
Date	2015-09-22.14:16:36
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1442931397.2.0.469066320907.issue25214@psf.upfronthosting.co.za>
In-reply-to

Content
Before using SSL BIO (which is great itself BTW) I has a way to access peers certificate by `ssl_transp.get_extra_info('socket').getpeercert()` call. Now socket is a regular socket without `.getpeercert()` method. I use hack like `ssl_transp._ssl_protocol._sslpipe.ssl_object.getpeercert()` as workaround but really interesting in the proper way to do this using public API only. I suggest adding 'ssl_object' key to `ssl_proto` for BIO-based SSL. Thoughts? P.S. See aiohttp commit for workaround bugfix: https://github.com/KeepSafe/aiohttp/commit/e286d4f9fb1993de2438bdca40712cf1660faf9e

Before using SSL BIO (which is great itself BTW) I has a way to access peers certificate by `ssl_transp.get_extra_info('socket').getpeercert()` call.

Now socket is a regular socket without `.getpeercert()` method.
I use hack like `ssl_transp._ssl_protocol._sslpipe.ssl_object.getpeercert()` as workaround but really interesting in the proper way to do this using public API only.

I suggest adding 'ssl_object' key to `ssl_proto` for BIO-based SSL.

Thoughts?

P.S.
See aiohttp commit for workaround bugfix: https://github.com/KeepSafe/aiohttp/commit/e286d4f9fb1993de2438bdca40712cf1660faf9e

History
Date	User	Action	Args
2015-09-22 14:16:37	asvetlov	set	recipients: + asvetlov, gvanrossum, vstinner, yselivanov
2015-09-22 14:16:37	asvetlov	set	messageid: <1442931397.2.0.469066320907.issue25214@psf.upfronthosting.co.za>
2015-09-22 14:16:37	asvetlov	link	issue25214 messages
2015-09-22 14:16:36	asvetlov	create