summaryrefslogtreecommitdiffstats
path: root/Doc/library
diff options
context:
space:
mode:
authorZackery Spytz <zspytz@gmail.com>2021-04-24 04:46:01 (GMT)
committerGitHub <noreply@github.com>2021-04-24 04:46:01 (GMT)
commitb2fac1afaa7c0d41a263781fcf94d8a92dc31b48 (patch)
treeaa6dcba68f2a3cdc9e8e0e622885715f4f5369cd /Doc/library
parent6c681e1a4aa2dbca61be9a26c9257d7d25fa29a7 (diff)
downloadcpython-b2fac1afaa7c0d41a263781fcf94d8a92dc31b48.zip
cpython-b2fac1afaa7c0d41a263781fcf94d8a92dc31b48.tar.gz
cpython-b2fac1afaa7c0d41a263781fcf94d8a92dc31b48.tar.bz2
bpo-31870: Add a timeout parameter to ssl.get_server_certificate() (GH-22270)
Diffstat (limited to 'Doc/library')
-rw-r--r--Doc/library/ssl.rst9
1 files changed, 7 insertions, 2 deletions
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst
index b9e5435..f7c49dc 100644
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@@ -426,7 +426,8 @@ Certificate handling
previously. Return an integer (no fractions of a second in the
input format)
-.. function:: get_server_certificate(addr, ssl_version=PROTOCOL_TLS_CLIENT, ca_certs=None)
+.. function:: get_server_certificate(addr, ssl_version=PROTOCOL_TLS_CLIENT, \
+ ca_certs=None[, timeout])
Given the address ``addr`` of an SSL-protected server, as a (*hostname*,
*port-number*) pair, fetches the server's certificate, and returns it as a
@@ -436,7 +437,8 @@ Certificate handling
same format as used for the same parameter in
:meth:`SSLContext.wrap_socket`. The call will attempt to validate the
server certificate against that set of root certificates, and will fail
- if the validation attempt fails.
+ if the validation attempt fails. A timeout can be specified with the
+ ``timeout`` parameter.
.. versionchanged:: 3.3
This function is now IPv6-compatible.
@@ -445,6 +447,9 @@ Certificate handling
The default *ssl_version* is changed from :data:`PROTOCOL_SSLv3` to
:data:`PROTOCOL_TLS` for maximum compatibility with modern servers.
+ .. versionchanged:: 3.10
+ The *timeout* parameter was added.
+
.. function:: DER_cert_to_PEM_cert(DER_cert_bytes)
Given a certificate as a DER-encoded blob of bytes, returns a PEM-encoded