[Python-checkins] r86498 - in python/branches/py3k: Doc/library/ssl.rst Lib/test/test_ssl.py Misc/NEWS Modules/_ssl.c
antoine.pitrou
python-checkins at python.org
Wed Nov 17 21:29:42 CET 2010
Author: antoine.pitrou
Date: Wed Nov 17 21:29:42 2010
New Revision: 86498
Log:
Issue #10443: Add the SSLContext.set_default_verify_paths() method.
Modified:
python/branches/py3k/Doc/library/ssl.rst
python/branches/py3k/Lib/test/test_ssl.py
python/branches/py3k/Misc/NEWS
python/branches/py3k/Modules/_ssl.c
Modified: python/branches/py3k/Doc/library/ssl.rst
==============================================================================
--- python/branches/py3k/Doc/library/ssl.rst (original)
+++ python/branches/py3k/Doc/library/ssl.rst Wed Nov 17 21:29:42 2010
@@ -536,6 +536,15 @@
following an `OpenSSL specific layout
<http://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html>`_.
+.. method:: SSLContext.set_default_verify_paths()
+
+ Load a set of default "certification authority" (CA) certificates from
+ a filesystem path defined when building the OpenSSL library. Unfortunately,
+ there's no easy way to know whether this method succeeds: no error is
+ returned if no certificates are to be found. When the OpenSSL library is
+ provided as part of the operating system, though, it is likely to be
+ configured properly.
+
.. method:: SSLContext.set_ciphers(ciphers)
Set the available ciphers for sockets created with this context.
Modified: python/branches/py3k/Lib/test/test_ssl.py
==============================================================================
--- python/branches/py3k/Lib/test/test_ssl.py (original)
+++ python/branches/py3k/Lib/test/test_ssl.py Wed Nov 17 21:29:42 2010
@@ -412,6 +412,12 @@
'cache_full': 0,
})
+ def test_set_default_verify_paths(self):
+ # There's not much we can do to test that it acts as expected,
+ # so just check it doesn't crash or raise an exception.
+ ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
+ ctx.set_default_verify_paths()
+
class NetworkedTests(unittest.TestCase):
Modified: python/branches/py3k/Misc/NEWS
==============================================================================
--- python/branches/py3k/Misc/NEWS (original)
+++ python/branches/py3k/Misc/NEWS Wed Nov 17 21:29:42 2010
@@ -13,6 +13,8 @@
Library
-------
+- Issue #10443: Add the SSLContext.set_default_verify_paths() method.
+
- Issue #10440: Support RUSAGE_THREAD as a constant in the resource module.
Patch by Robert Collins.
Modified: python/branches/py3k/Modules/_ssl.c
==============================================================================
--- python/branches/py3k/Modules/_ssl.c (original)
+++ python/branches/py3k/Modules/_ssl.c Wed Nov 17 21:29:42 2010
@@ -1783,6 +1783,16 @@
return NULL;
}
+static PyObject *
+set_default_verify_paths(PySSLContext *self, PyObject *unused)
+{
+ if (!SSL_CTX_set_default_verify_paths(self->ctx)) {
+ _setSSLError(NULL, 0, __FILE__, __LINE__);
+ return NULL;
+ }
+ Py_RETURN_NONE;
+}
+
static PyGetSetDef context_getsetlist[] = {
{"options", (getter) get_options,
(setter) set_options, NULL},
@@ -1802,6 +1812,8 @@
METH_VARARGS | METH_KEYWORDS, NULL},
{"session_stats", (PyCFunction) session_stats,
METH_NOARGS, NULL},
+ {"set_default_verify_paths", (PyCFunction) set_default_verify_paths,
+ METH_NOARGS, NULL},
{NULL, NULL} /* sentinel */
};
More information about the Python-checkins
mailing list