diff options
| author | Zackery Spytz <zspytz@gmail.com> | 2021-04-24 04:46:01 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-04-24 04:46:01 (GMT) |
| commit | b2fac1afaa7c0d41a263781fcf94d8a92dc31b48 (patch) | |
| tree | aa6dcba68f2a3cdc9e8e0e622885715f4f5369cd /Doc | |
| parent | 6c681e1a4aa2dbca61be9a26c9257d7d25fa29a7 (diff) | |
| download | cpython-b2fac1afaa7c0d41a263781fcf94d8a92dc31b48.zip cpython-b2fac1afaa7c0d41a263781fcf94d8a92dc31b48.tar.gz cpython-b2fac1afaa7c0d41a263781fcf94d8a92dc31b48.tar.bz2 | |
bpo-31870: Add a timeout parameter to ssl.get_server_certificate() (GH-22270)
Diffstat (limited to 'Doc')
| -rw-r--r-- | Doc/library/ssl.rst | 9 | ||||
| -rw-r--r-- | Doc/whatsnew/3.10.rst | 6 |
2 files changed, 13 insertions, 2 deletions
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index b9e5435..f7c49dc 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -426,7 +426,8 @@ Certificate handling previously. Return an integer (no fractions of a second in the input format) -.. function:: get_server_certificate(addr, ssl_version=PROTOCOL_TLS_CLIENT, ca_certs=None) +.. function:: get_server_certificate(addr, ssl_version=PROTOCOL_TLS_CLIENT, \ + ca_certs=None[, timeout]) Given the address ``addr`` of an SSL-protected server, as a (*hostname*, *port-number*) pair, fetches the server's certificate, and returns it as a @@ -436,7 +437,8 @@ Certificate handling same format as used for the same parameter in :meth:`SSLContext.wrap_socket`. The call will attempt to validate the server certificate against that set of root certificates, and will fail - if the validation attempt fails. + if the validation attempt fails. A timeout can be specified with the + ``timeout`` parameter. .. versionchanged:: 3.3 This function is now IPv6-compatible. @@ -445,6 +447,9 @@ Certificate handling The default *ssl_version* is changed from :data:`PROTOCOL_SSLv3` to :data:`PROTOCOL_TLS` for maximum compatibility with modern servers. + .. versionchanged:: 3.10 + The *timeout* parameter was added. + .. function:: DER_cert_to_PEM_cert(DER_cert_bytes) Given a certificate as a DER-encoded blob of bytes, returns a PEM-encoded diff --git a/Doc/whatsnew/3.10.rst b/Doc/whatsnew/3.10.rst index 247749a..78f3c2d 100644 --- a/Doc/whatsnew/3.10.rst +++ b/Doc/whatsnew/3.10.rst @@ -1062,6 +1062,12 @@ The exception :exc:`socket.timeout` is now an alias of :exc:`TimeoutError`. Added option to create MPTCP sockets with ``IPPROTO_MPTCP`` (Contributed by Rui Cunha in :issue:`43571`.) +ssl +--- + +Add a *timeout* parameter to the :func:`ssl.get_server_certificate` function. +(Contributed by Zackery Spytz in :issue:`31870`.) + sys --- |