diff options
author | Christian Heimes <christian@cheimes.de> | 2013-06-09 16:02:55 (GMT) |
---|---|---|
committer | Christian Heimes <christian@cheimes.de> | 2013-06-09 16:02:55 (GMT) |
commit | 6d7ad13a458afdf2cbdd0c3349b0589d7776cc8a (patch) | |
tree | 47e14221e1b28d34be82fe6a3e5fa554c03f51a1 /Modules | |
parent | 302b8c31ecefba371271ca51359ef30fcb3ddbcd (diff) | |
download | cpython-6d7ad13a458afdf2cbdd0c3349b0589d7776cc8a.zip cpython-6d7ad13a458afdf2cbdd0c3349b0589d7776cc8a.tar.gz cpython-6d7ad13a458afdf2cbdd0c3349b0589d7776cc8a.tar.bz2 |
Issue #18143: Implement ssl.get_default_verify_paths() in order to debug
the default locations for cafile and capath.
Diffstat (limited to 'Modules')
-rw-r--r-- | Modules/_ssl.c | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c index c64d209..f4cd38b 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -2761,6 +2761,46 @@ fails or if it does provide enough data to seed PRNG."); #endif +PyDoc_STRVAR(PySSL_get_default_verify_paths_doc, +"get_default_verify_paths() -> tuple\n\ +\n\ +Return search paths and environment vars that are used by SSLContext's\n\ +set_default_verify_paths() to load default CAs. The values are\n\ +'cert_file_env', 'cert_file', 'cert_dir_env', 'cert_dir'."); + +static PyObject * +get_default_verify_paths(PyObject *self) +{ + PyObject *ofile_env = NULL; + PyObject *ofile = NULL; + PyObject *odir_env = NULL; + PyObject *odir = NULL; + +#define convert(info, target) { \ + const char *tmp = (info); \ + target = NULL; \ + if (!tmp) { Py_INCREF(Py_None); target = Py_None; } \ + else if ((target = PyUnicode_DecodeFSDefault(tmp)) == NULL) { \ + target = PyBytes_FromString(tmp); } \ + if (!target) goto error; \ + } while(0) + + convert(X509_get_default_cert_file_env(), ofile_env); + convert(X509_get_default_cert_file(), ofile); + convert(X509_get_default_cert_dir_env(), odir_env); + convert(X509_get_default_cert_dir(), odir); +#undef convert + + return Py_BuildValue("(OOOO)", ofile_env, ofile, odir_env, odir); + + error: + Py_XDECREF(ofile_env); + Py_XDECREF(ofile); + Py_XDECREF(odir_env); + Py_XDECREF(odir); + return NULL; +} + /* List of functions exported by this module. */ @@ -2779,6 +2819,8 @@ static PyMethodDef PySSL_methods[] = { PySSL_RAND_egd_doc}, {"RAND_status", (PyCFunction)PySSL_RAND_status, METH_NOARGS, PySSL_RAND_status_doc}, + {"get_default_verify_paths", (PyCFunction)get_default_verify_paths, + METH_NOARGS, PySSL_get_default_verify_paths_doc}, #endif {NULL, NULL} /* Sentinel */ }; |