Home Original page

Message 281230 - Python tracker

Message281230

Author steve.dower
Recipients christian.heimes, ned.deily, steve.dower
Date 2016-11-19.21:36:12
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1479591372.9.0.198427018061.issue28747@psf.upfronthosting.co.za>
In-reply-to
Content 
As a prerequisite for fixing issues such as issue20916 (dynamic download/update of CAs and CRLs), we really need to be able to plug into the certificate verification function for OpenSSL.

This patch adds SSLContext._set_cert_verify_callback, which will allow Python code to inject its own verification function.

No other functionality is added, but I have proof-of-concept code that uses this patch to delegate all certificate handling to Windows and it works beautifully (better than I expected :) ).

If possible, I'd like to get this into Python 3.6. I intend to turn that proof-of-concept into an actual released library and would like to be able to do it sooner rather than later. Targeting 3.6 is the main reason I named the function with an underscore, but I'd be happy to drop it.
History
Date User Action Args
2016-11-19 21:36:12steve.dowersetrecipients: + steve.dower, christian.heimes, ned.deily
2016-11-19 21:36:12steve.dowersetmessageid: <1479591372.9.0.198427018061.issue28747@psf.upfronthosting.co.za>
2016-11-19 21:36:12steve.dowerlinkissue28747 messages
2016-11-19 21:36:12steve.dowercreate