diff options
author | Zackery Spytz <zspytz@gmail.com> | 2021-04-24 04:46:01 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-04-24 04:46:01 (GMT) |
commit | b2fac1afaa7c0d41a263781fcf94d8a92dc31b48 (patch) | |
tree | aa6dcba68f2a3cdc9e8e0e622885715f4f5369cd /Doc/library | |
parent | 6c681e1a4aa2dbca61be9a26c9257d7d25fa29a7 (diff) | |
download | cpython-b2fac1afaa7c0d41a263781fcf94d8a92dc31b48.zip cpython-b2fac1afaa7c0d41a263781fcf94d8a92dc31b48.tar.gz cpython-b2fac1afaa7c0d41a263781fcf94d8a92dc31b48.tar.bz2 |
bpo-31870: Add a timeout parameter to ssl.get_server_certificate() (GH-22270)
Diffstat (limited to 'Doc/library')
-rw-r--r-- | Doc/library/ssl.rst | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index b9e5435..f7c49dc 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -426,7 +426,8 @@ Certificate handling previously. Return an integer (no fractions of a second in the input format) -.. function:: get_server_certificate(addr, ssl_version=PROTOCOL_TLS_CLIENT, ca_certs=None) +.. function:: get_server_certificate(addr, ssl_version=PROTOCOL_TLS_CLIENT, \ + ca_certs=None[, timeout]) Given the address ``addr`` of an SSL-protected server, as a (*hostname*, *port-number*) pair, fetches the server's certificate, and returns it as a @@ -436,7 +437,8 @@ Certificate handling same format as used for the same parameter in :meth:`SSLContext.wrap_socket`. The call will attempt to validate the server certificate against that set of root certificates, and will fail - if the validation attempt fails. + if the validation attempt fails. A timeout can be specified with the + ``timeout`` parameter. .. versionchanged:: 3.3 This function is now IPv6-compatible. @@ -445,6 +447,9 @@ Certificate handling The default *ssl_version* is changed from :data:`PROTOCOL_SSLv3` to :data:`PROTOCOL_TLS` for maximum compatibility with modern servers. + .. versionchanged:: 3.10 + The *timeout* parameter was added. + .. function:: DER_cert_to_PEM_cert(DER_cert_bytes) Given a certificate as a DER-encoded blob of bytes, returns a PEM-encoded |