Closed GoogleCodeExporter closed 8 years ago
The standard socket.ssl just provide server() and issuer() functions. We can't
get
the server certificate. I just had a look to M2Crypto.httpslib.HTTPSConnection
wich
rewrites mainly the connect method using it's own SSL object. May be it's not
too
difficult?
Original comment by Ernesto....@gmail.com
on 1 Jul 2008 at 1:04
The following patch integrates M2Crypto.SSL with httplib2. It's a proof of
concept
and not exhaustively tested.
Original comment by Ernesto....@gmail.com
on 2 Jul 2008 at 9:48
Attachments:
There seems to be a problem with M2Crypto and timeouts, documented here:
https://bugzilla.osafoundation.org/show_bug.cgi?id=2341
We'll have a look at python-pyopenssl.
Original comment by Ernesto....@gmail.com
on 3 Jul 2008 at 2:00
What about using the new ssl module from 2.6?
It's avaible for older versions as well.
Original comment by ve...@gmx.ch
on 27 Oct 2008 at 11:21
Yes, this would be great. We'are still using python 2.5. We use actually pycurl,
because of some issues with timeouts in ssl connection under m2crypto and
python-openssl. I hope that python 2.6 will resolve the issue.
Original comment by Ernesto....@gmail.com
on 10 Nov 2008 at 1:41
Is this issue still valid? on python > 2.5 ... the Http class will use
HTTPSConnectionWithTimeout if the scheme is https :)
Original comment by db.pub.m...@gmail.com
on 29 Sep 2010 at 6:46
Issue 116 has been merged into this issue.
Original comment by joe.gregorio@gmail.com
on 29 Sep 2010 at 8:07
Hi, attached is a patch for the python2 version that adds basic certificate
verification. It will first attempt to use the ssl module (python >2.6, or if
you've installed ssl 1.15 for python >2.3). If that fails that it will try to
use M2Crypto, finally falling back on socket.ssl but without cert verification.
The only change to the interface is the addition of a set_ca_file(ca_file)
method which tells httplib2 to do cert verification using the provided CA file
in PEM format.
This has only been tested using python 2.6 on Ubuntu, and python 2.4.3 with
both M2Crypto and python-ssl on RHEL 5 / CentOS 5.
This patch also contains a fix for issue 62 (sorry for mixing issues) and some
file checks when adding certs because I found I was getting misleading error
messages when giving wrong filenames by accident.
Original comment by davi...@gmail.com
on 13 May 2011 at 2:33
Attachments:
Certification validation has been added.
Original comment by joe.gregorio@gmail.com
on 13 Jun 2011 at 4:53
Original issue reported on code.google.com by
joe.gregorio@gmail.com
on 31 Jul 2007 at 1:15