Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2010-November/105573.html below:

[Python-Dev] [Python-checkins] r86441 - python/branches/py3k/Lib/test/test_nntplib.py

• Previous message: [Python-Dev] [Python-checkins] r86441 - python/branches/py3k/Lib/test/test_nntplib.py
• Next message: [Python-Dev] [Python-checkins] r86441 - python/branches/py3k/Lib/test/test_nntplib.py
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Antoine Pitrou <solipsis at pitrou.net> wrote:

> On Sat, 13 Nov 2010 07:30:05 -0500
> James Y Knight <foom at fuhm.net> wrote:
> > On Nov 13, 2010, at 7:08 AM, Antoine Pitrou wrote:
> > > Funny, it shows that the NNTP SSL tests don't check the certificate,
> > > then.
> > 
> > Unsurprising, given that you need 140 lines of pretty non-obvious python code to do so...
> 
> You must have missed the new match_hostname() function:
> http://docs.python.org/dev/library/ssl.html#ssl.match_hostname
> 
> (its implementation is 50 lines rather than 140 lines, though)

On the client side, it's pretty easy to see an invalid (say, expired)
certificate.  Just call get_server_certificate(), which will fail if the
server certificate is invalid.

That's a separate issue from matching the request hostname to the
various host identifiers in the certificate, which various application
protocols may or may not require.

Bill

• Previous message: [Python-Dev] [Python-checkins] r86441 - python/branches/py3k/Lib/test/test_nntplib.py
• Next message: [Python-Dev] [Python-checkins] r86441 - python/branches/py3k/Lib/test/test_nntplib.py
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4