[issue18147] SSL: diagnostic functions to list loaded CA certs
Roundup Robot added the comment: New changeset d88b5469fdd3 by Antoine Pitrou in branch '3.4': Fix duplicate doc entry for SSLContext.get_ca_certs() https://hg.python.org/cpython/rev/d88b5469fdd3 New changeset d7352db81b50 by Antoine Pitrou in branch 'default': Fix duplicate doc entry for SSLContext.get_ca_certs() https://hg.python.org/cpython/rev/d7352db81b50 -- status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
R. David Murray added the comment: It looks like the doc for get_ca_certs wasn't missing, so now it appears twice in the docs. I'm not sure which is the preferred wording, so I'll leave it to Christian to fix it. -- nosy: +r.david.murray status: closed - open ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Roundup Robot added the comment: New changeset ae0734493f6b by Christian Heimes in branch 'default': Issue #18147: Add missing documentation for SSLContext.get_ca_certs(). http://hg.python.org/cpython/rev/ae0734493f6b -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Roundup Robot added the comment: New changeset 38e759e4c9e6 by Christian Heimes in branch 'default': Issue #18147: Add diagnostic functions to ssl.SSLContext(). http://hg.python.org/cpython/rev/38e759e4c9e6 -- nosy: +python-dev ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Changes by Christian Heimes li...@cheimes.de: -- resolution: - fixed stage: patch review - commit review ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Changes by Christian Heimes li...@cheimes.de: -- stage: commit review - committed/rejected status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Christian Heimes added the comment: Updated patch with Antoine's review: * method is now called get_ca_certs() * cert_store_stats() returns total amount of X.509 as 'x509' key and X.509 certs with CA purpose in 'x509_ca'. * documentation -- Added file: http://bugs.python.org/file30610/ssl_ca_stats3.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Christian Heimes added the comment: New patch * method has been renamed to get_ca_list() and returns only CA certs * get_ca_list(binary_form=True) returns CA certs in DER format * cert_store_stats() returns three elements: X.509 CA cert count, X.509 non-CA count and CRL count -- Added file: http://bugs.python.org/file30550/ssl_ca_stats2.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
New submission from Christian Heimes: The patch adds two methods to SSLContext which return information about loaded x509 certs, CRL and CAs. Example: ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ctx.load_verify_locations(SVN_PYTHON_ORG_ROOT_CERT) ctx.cert_store_stats() {'crl': 0, 'x509': 1} ctx.get_ca_list() [{'issuer': ((('organizationName', 'Root CA'),), (('organizationalUnitName', 'http://www.cacert.org'),), (('commonName', 'CA Cert Signing Authority'),), (('emailAddress', 'supp...@cacert.org'),)), 'notAfter': 'Mar 29 12:29:49 2033 GMT', 'notBefore': 'Mar 30 12:29:49 2003 GMT', 'serialNumber': '00', 'subject': ((('organizationName', 'Root CA'),), (('organizationalUnitName', 'http://www.cacert.org'),), (('commonName', 'CA Cert Signing Authority'),), (('emailAddress', 'supp...@cacert.org'),)), 'version': 3}] -- components: Extension Modules files: ssl_ca_stats.patch keywords: patch messages: 190709 nosy: brett.cannon, christian.heimes, pitrou priority: normal severity: normal stage: patch review status: open title: SSL: diagnostic functions to list loaded CA certs type: enhancement versions: Python 3.4 Added file: http://bugs.python.org/file30481/ssl_ca_stats.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com