[issue18147] SSL: diagnostic functions to list loaded CA certs
Roundup Robot added the comment: New changeset d88b5469fdd3 by Antoine Pitrou in branch '3.4': Fix duplicate doc entry for SSLContext.get_ca_certs() https://hg.python.org/cpython/rev/d88b5469fdd3 New changeset d7352db81b50 by Antoine Pitrou in branch 'default': Fix duplicate doc entry for SSLContext.get_ca_certs() https://hg.python.org/cpython/rev/d7352db81b50 -- status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
R. David Murray added the comment: It looks like the doc for get_ca_certs wasn't missing, so now it appears twice in the docs. I'm not sure which is the preferred wording, so I'll leave it to Christian to fix it. -- nosy: +r.david.murray status: closed - open ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Roundup Robot added the comment: New changeset ae0734493f6b by Christian Heimes in branch 'default': Issue #18147: Add missing documentation for SSLContext.get_ca_certs(). http://hg.python.org/cpython/rev/ae0734493f6b -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Roundup Robot added the comment: New changeset 38e759e4c9e6 by Christian Heimes in branch 'default': Issue #18147: Add diagnostic functions to ssl.SSLContext(). http://hg.python.org/cpython/rev/38e759e4c9e6 -- nosy: +python-dev ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Changes by Christian Heimes li...@cheimes.de: -- resolution: - fixed stage: patch review - commit review ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Changes by Christian Heimes li...@cheimes.de: -- stage: commit review - committed/rejected status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Christian Heimes added the comment: Updated patch with Antoine's review: * method is now called get_ca_certs() * cert_store_stats() returns total amount of X.509 as 'x509' key and X.509 certs with CA purpose in 'x509_ca'. * documentation -- Added file: http://bugs.python.org/file30610/ssl_ca_stats3.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
Christian Heimes added the comment: New patch * method has been renamed to get_ca_list() and returns only CA certs * get_ca_list(binary_form=True) returns CA certs in DER format * cert_store_stats() returns three elements: X.509 CA cert count, X.509 non-CA count and CRL count -- Added file: http://bugs.python.org/file30550/ssl_ca_stats2.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18147 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18147] SSL: diagnostic functions to list loaded CA certs
New submission from Christian Heimes:
The patch adds two methods to SSLContext which return information about loaded
x509 certs, CRL and CAs.
Example:
ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
ctx.load_verify_locations(SVN_PYTHON_ORG_ROOT_CERT)
ctx.cert_store_stats()
{'crl': 0, 'x509': 1}
ctx.get_ca_list()
[{'issuer': ((('organizationName', 'Root CA'),),
(('organizationalUnitName', 'http://www.cacert.org'),),
(('commonName', 'CA Cert Signing Authority'),),
(('emailAddress', 'supp...@cacert.org'),)),
'notAfter': 'Mar 29 12:29:49 2033 GMT',
'notBefore': 'Mar 30 12:29:49 2003 GMT',
'serialNumber': '00',
'subject': ((('organizationName', 'Root CA'),),
(('organizationalUnitName', 'http://www.cacert.org'),),
(('commonName', 'CA Cert Signing Authority'),),
(('emailAddress', 'supp...@cacert.org'),)),
'version': 3}]
--
components: Extension Modules
files: ssl_ca_stats.patch
keywords: patch
messages: 190709
nosy: brett.cannon, christian.heimes, pitrou
priority: normal
severity: normal
stage: patch review
status: open
title: SSL: diagnostic functions to list loaded CA certs
type: enhancement
versions: Python 3.4
Added file: http://bugs.python.org/file30481/ssl_ca_stats.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue18147
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
