[Python-checkins] r87580 - in python/branches/py3k/Tools: framer scripts/get-remote-certificate.py ssl/get-remote-certificate.py world

georg.brandl python-checkins at python.org
Thu Dec 30 18:32:22 CET 2010 

Author: georg.brandl
Date: Thu Dec 30 18:32:22 2010
New Revision: 87580

Log:
Clean up tools: remove "world" and "framer", move single SSL script to scripts/.

Added:
   python/branches/py3k/Tools/scripts/get-remote-certificate.py
      - copied unchanged from r87579, /python/branches/py3k/Tools/ssl/get-remote-certificate.py
Removed:
   python/branches/py3k/Tools/framer/
   python/branches/py3k/Tools/ssl/get-remote-certificate.py
   python/branches/py3k/Tools/world/

Deleted: python/branches/py3k/Tools/ssl/get-remote-certificate.py
==============================================================================
--- python/branches/py3k/Tools/ssl/get-remote-certificate.py	Thu Dec 30 18:32:22 2010
+++ (empty file)
@@ -1,83 +0,0 @@
-#!/usr/bin/env python3
-#
-# fetch the certificate that the server(s) are providing in PEM form
-#
-# args are HOST:PORT [, HOST:PORT...]
-#
-# By Bill Janssen.
-
-import re
-import os
-import ssl
-import sys
-import tempfile
-
-
-def fetch_server_certificate (host, port):
-
-    def subproc(cmd):
-        from subprocess import Popen, PIPE, STDOUT
-        proc = Popen(cmd, stdout=PIPE, stderr=STDOUT, shell=True)
-        status = proc.wait()
-        output = proc.stdout.read()
-        return status, output
-
-    def strip_to_x509_cert(certfile_contents, outfile=None):
-        m = re.search(br"^([-]+BEGIN CERTIFICATE[-]+[\r]*\n"
-                      br".*[\r]*^[-]+END CERTIFICATE[-]+)$",
-                      certfile_contents, re.MULTILINE | re.DOTALL)
-        if not m:
-            return None
-        else:
-            tn = tempfile.mktemp()
-            fp = open(tn, "wb")
-            fp.write(m.group(1) + b"\n")
-            fp.close()
-            try:
-                tn2 = (outfile or tempfile.mktemp())
-                status, output = subproc(r'openssl x509 -in "%s" -out "%s"' %
-                                         (tn, tn2))
-                if status != 0:
-                    raise OperationError(status, tsig, output)
-                fp = open(tn2, 'rb')
-                data = fp.read()
-                fp.close()
-                os.unlink(tn2)
-                return data
-            finally:
-                os.unlink(tn)
-
-    if sys.platform.startswith("win"):
-        tfile = tempfile.mktemp()
-        fp = open(tfile, "w")
-        fp.write("quit\n")
-        fp.close()
-        try:
-            status, output = subproc(
-                'openssl s_client -connect "%s:%s" -showcerts < "%s"' %
-                (host, port, tfile))
-        finally:
-            os.unlink(tfile)
-    else:
-        status, output = subproc(
-            'openssl s_client -connect "%s:%s" -showcerts < /dev/null' %
-            (host, port))
-    if status != 0:
-        raise OSError(status)
-    certtext = strip_to_x509_cert(output)
-    if not certtext:
-        raise ValueError("Invalid response received from server at %s:%s" %
-                         (host, port))
-    return certtext
-
-
-if __name__ == "__main__":
-    if len(sys.argv) < 2:
-        sys.stderr.write(
-            "Usage:  %s HOSTNAME:PORTNUMBER [, HOSTNAME:PORTNUMBER...]\n" %
-            sys.argv[0])
-        sys.exit(1)
-    for arg in sys.argv[1:]:
-        host, port = arg.split(":")
-        sys.stdout.buffer.write(fetch_server_certificate(host, int(port)))
-    sys.exit(0)

More information about the Python-checkins mailing list