Message246488
| Author |
martius |
| Recipients |
asvetlov, brandon-rhodes, christian.heimes, dstufft, giampaolo.rodola, jcea, kristjan.jonsson, martius, pitrou, vstinner |
| Date |
2015年07月09日.13:01:52 |
| SpamBayes Score |
-1.0 |
| Marked as misclassified |
Yes |
| Message-id |
<1436446913.51.0.137657304844.issue16487@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
Hi,
I would like to update this patch so it can finally land in cpython, hopefully 3.6.
tl;dr of the thread:
In a nutshell, the latest patch from Kristján Valur Jónsson updates
SSLContext.load_cert_chain(certfile, keyfile=None, password=None) and
SSLContext.load_verify_locations(cafile=None, capath=None)
so certfile, keyfile and cafile can be either a string representing a path to a file or a file-like object.
The discussion seems to favor this API (pass file-like objects) rather than using new arguments (certdata, keydata) to pass string or bytes objects.
However, Christian Heimes proposed a patch (which landed in 3.4) which adds a cadata argument to load_verify_locations().
So, what should we do?
- allow certfile, keyfile and cafile to be paths or file-like objects,
- add certdata and keydata to load_cert_chain() to be consistent with load_verify_locations(),
- do both.
I'd go the the 2nd solution to be consistent with the API and keep things simple. |
|