This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author zwol
Recipients Hiroaki.Kawai, asmodai, chaen, chet, chrisburr, christian.heimes, dsoprea, dstufft, jcea, joernheissler, kwatsen, maker, miki725, mmasztalerczuk, njs, pitrou, underrun, zwol
Date 2020-06-29.20:42:38
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
I have yet another use case for the function implemented by this patch (i.e. retrieving the cert chain actually sent by the server, regardless of whether that gives a path to a trust anchor).  I'm implementing a network forensics tool, and one of the situations it's supposed to detect is when a man-in-the-middle is attempting to substitute its own cert for a site's "legitimate" cert (yes, possibly having suborned a public CA in order to do so).  To make all of the planned heuristics for this work correctly, I need to record exactly what came over the wire.

If it would be useful for me to dust off the patch and/or implement the _other_ function that people requested (retrieve the chain that OpenSSL concluded was a valid chain to an accepted trust anchor)  I can probably scare up time to do so in the next week or two.  I imagine it's too late for 3.8 patch releases at this point, but assuming I did this, could it make 3.9?
Date User Action Args
2020-06-29 20:42:38zwolsetrecipients: + zwol, jcea, pitrou, christian.heimes, asmodai, njs, maker, Hiroaki.Kawai, underrun, dstufft, dsoprea, miki725, mmasztalerczuk, chet, joernheissler, chaen, chrisburr, kwatsen
2020-06-29 20:42:38zwolsetmessageid: <>
2020-06-29 20:42:38zwollinkissue18233 messages
2020-06-29 20:42:38zwolcreate