diff options
| author | Christian Heimes <christian@python.org> | 2021-04-26 13:01:40 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-04-26 13:01:40 (GMT) |
| commit | 666991fc598bc312d72aff0078ecb553f0a968f1 (patch) | |
| tree | 7fa615cd3d075120eb98cf4cea879a753c06e33f /Modules/clinic | |
| parent | 3c586ca500854476e6eff06713236faff233d035 (diff) | |
| download | cpython-666991fc598bc312d72aff0078ecb553f0a968f1.zip cpython-666991fc598bc312d72aff0078ecb553f0a968f1.tar.gz cpython-666991fc598bc312d72aff0078ecb553f0a968f1.tar.bz2 | |
bpo-18233: Add internal methods to access peer chain (GH-25467)
The internal `_ssl._SSLSocket` object now provides methods to retrieve
the peer cert chain and verified cert chain as a list of Certificate
objects. Certificate objects have methods to convert the cert to a dict,
PEM, or DER (ASN.1).
These are private APIs for now. There is a slim chance to stabilize the
approach and provide a public API for 3.10. Otherwise I'll provide a
stable API in 3.11.
Signed-off-by: Christian Heimes <christian@python.org>
Diffstat (limited to 'Modules/clinic')
| -rw-r--r-- | Modules/clinic/_ssl.c.h | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/Modules/clinic/_ssl.c.h b/Modules/clinic/_ssl.c.h index c209c63..b153c30 100644 --- a/Modules/clinic/_ssl.c.h +++ b/Modules/clinic/_ssl.c.h @@ -88,6 +88,40 @@ exit: return return_value; } +PyDoc_STRVAR(_ssl__SSLSocket_get_verified_chain__doc__, +"get_verified_chain($self, /)\n" +"--\n" +"\n"); + +#define _SSL__SSLSOCKET_GET_VERIFIED_CHAIN_METHODDEF \ + {"get_verified_chain", (PyCFunction)_ssl__SSLSocket_get_verified_chain, METH_NOARGS, _ssl__SSLSocket_get_verified_chain__doc__}, + +static PyObject * +_ssl__SSLSocket_get_verified_chain_impl(PySSLSocket *self); + +static PyObject * +_ssl__SSLSocket_get_verified_chain(PySSLSocket *self, PyObject *Py_UNUSED(ignored)) +{ + return _ssl__SSLSocket_get_verified_chain_impl(self); +} + +PyDoc_STRVAR(_ssl__SSLSocket_get_unverified_chain__doc__, +"get_unverified_chain($self, /)\n" +"--\n" +"\n"); + +#define _SSL__SSLSOCKET_GET_UNVERIFIED_CHAIN_METHODDEF \ + {"get_unverified_chain", (PyCFunction)_ssl__SSLSocket_get_unverified_chain, METH_NOARGS, _ssl__SSLSocket_get_unverified_chain__doc__}, + +static PyObject * +_ssl__SSLSocket_get_unverified_chain_impl(PySSLSocket *self); + +static PyObject * +_ssl__SSLSocket_get_unverified_chain(PySSLSocket *self, PyObject *Py_UNUSED(ignored)) +{ + return _ssl__SSLSocket_get_unverified_chain_impl(self); +} + PyDoc_STRVAR(_ssl__SSLSocket_shared_ciphers__doc__, "shared_ciphers($self, /)\n" "--\n" @@ -1324,4 +1358,4 @@ exit: #ifndef _SSL_ENUM_CRLS_METHODDEF #define _SSL_ENUM_CRLS_METHODDEF #endif /* !defined(_SSL_ENUM_CRLS_METHODDEF) */ -/*[clinic end generated code: output=8736d838c9059151 input=a9049054013a1b77]*/ +/*[clinic end generated code: output=3b6f4471fb187d85 input=a9049054013a1b77]*/ |