Gitiles
Code Review Sign In
android-review.linaro.org / platform / external / python / pyopenssl / 33c5499ce34f5e1c7c2630c6a1446353eee31755
commit33c5499ce34f5e1c7c2630c6a1446353eee31755[log] [tgz]
authorShane Harvey <shane.harvey@mongodb.com>Wed Aug 05 16:48:51 2020 -0700
committerGitHub <noreply@github.com>Wed Aug 05 18:48:51 2020 -0500
tree45f4871892c7b5e29e46fca2009e5cf77dc9eaa8
parentbb971ae935059b73830ea2abe3f66391125b2bfb [diff]
Allow accessing a connection's verfied certificate chain (#894)

* Allow accessing a connection's verfied certificate chain

Add X509StoreContext.get_verified_chain using X509_STORE_CTX_get1_chain.
Add Connection.get_verified_chain using SSL_get0_verified_chain if
available (ie OpenSSL 1.1+) and X509StoreContext.get_verified_chain
otherwise.
Fixes #740.

* TLSv1_METHOD -> SSLv23_METHOD

* Use X509_up_ref instead of X509_dup

* Add _openssl_assert where appropriate

* SSL_get_peer_cert_chain should not be null

* Reformat with black

* Fix <OpenSSL.crypto.X509 object at 0x7fdbb59e8050> != <OpenSSL.crypto.X509 object at 0x7fdbb59daad0>

* Add Changelog entry

* Remove _add_chain
5 files changed
tree: 45f4871892c7b5e29e46fca2009e5cf77dc9eaa8
  1. .travis/
  2. doc/
  3. leakcheck/
  4. src/
  5. tests/
  6. .coveragerc
  7. .gitignore
  8. .travis.yml
  9. CHANGELOG.rst
  10. CODE_OF_CONDUCT.rst
  11. codecov.yml
  12. CONTRIBUTING.rst
  13. INSTALL.rst
  14. LICENSE
  15. MANIFEST.in
  16. pyproject.toml
  17. README.rst
  18. setup.cfg
  19. setup.py
  20. tox.ini