[issue2838] Verify callback for SSL
Ruben Kerkhof [EMAIL PROTECTED] added the comment: Hi Bill, When I include the server certificate in ca_certs, verification succeeds, and I can view the peer certificate dict with getpeercert(False) When I set ca_certs to none and ssl.CERT_NONE, I can still call getpeercert(True) and call DER_cert_to_PEM_cert to get the same PEM certificate. SSL is all new to me, so forgive me if I talk nonsense, but what I'm trying to do is the following: I receive a key from Bob which is a digest of his servers certificate. To make sure I'm really talking to Bob I need to decrypt his servers signature with his public key and check the resulting digest against my key. So I have to ignore failures like X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT and X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN, but detect things like X509_V_ERR_CERT_SIGNATURE_FAILURE. The idea is based on what foolscap is doing with FURLS (http://foolscap.lothar.com/trac) Am I making sense? __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2838 __ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue2838] Verify callback for SSL
New submission from Ruben Kerkhof [EMAIL PROTECTED]: I've been playing with the new SSL module, and so far it works great. However, when using it to connect to a host with a self signed certificate, verification fails when I specify ssl.CERT_REQUIRED (as expected). I know that I'm connecting to a host with a self signed certificate, so I want to be able to ignore that error. At the moment, the only option I see is to specify ssl.CERT_NONE and verify the DER certificate by hand. It would be great if I could specify a callback function that can ignore certain errors, and does additional checking. -- components: Library (Lib) messages: 66746 nosy: ruben severity: normal status: open title: Verify callback for SSL type: feature request versions: Python 2.6 __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2838 __ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue2740] Cmd module doesn't support readline completion on OSX Leopard
Ruben Kerkhof [EMAIL PROTECTED] added the comment: Documenting this would be great, since it caught me by surprise and took a while to figure out. To get the Cmd module to work, atm you have to override the call to parse_and_bind, setting self.completekey isn't enough, so that one is broken on Leopard. Patching the readline module is indeed a lot of work, you need to convert readline names like 'Tab' to integers to pass them to libedit, and convert the syntax as well. It would be better if libedit would just accept readline syntax, but that's outside the scope of Python. __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2740 __ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue2740] Cmd module doesn't support readline completion on OSX Leopard
New submission from Ruben Kerkhof [EMAIL PROTECTED]: Hi, Leopard ships with libedit, which is almost the same as readline, but has another way to configure completion keys. To enable tab completion you have to use rl.parse_and_bind(bind ^I complete) instead of rl.parse_and_bind(bind ^I rl_complete) instead of rl.parse_and_bind(tab: complete). The guys from IPython patched around it, see http://ipython.scipy.org/moin/InstallationOSXLeopard/LeopardPythonReadli ne, but is seems to me this is better solved in the python readline module itself. -- components: Library (Lib) messages: 66101 nosy: ruben severity: normal status: open title: Cmd module doesn't support readline completion on OSX Leopard type: behavior versions: Python 2.5 __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2740 __ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com