Antoine Pitrou <pit...@free.fr> added the comment:

> The only idea which comes to mind is try to open() the file before calling 
> load_cert_chain().
> That would automatically also take care of permission errors, etc.
> Not very clean, but... :-\

It's vulnerable to various issues such as race conditions (for example,
you open() the file while it still exists but it doesn't exist anymore
when OpenSSL opens it again).

A clean way to do this would be to use lower-level APIs such as
PEM_read_X509(), so that we can pass our own FILE* to OpenSSL. But it is
also much more code to write.

That said, have you checked the system errno at this point? Perhaps it
gives us enough information (if it hasn't been cleared by
OpenSSL... :/).

> No ideas here. I googled for some OpenSSL API to verify the
> certificate, which we can even possibly expose in ssl.py, but I
> couldn't find any.

I don't think that would change anything, since the verification APIs
would probably give you the exact same error message.

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue9706>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
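
An added illustration of the race described in the message above and of the errno question it raises; it is not part of the original message or of CPython's code. It assumes a CPython version in which `load_cert_chain()` reports an OS-level failure as `OSError` with `errno` set; `between`, `precheck_then_load`, `load_and_classify` and the file contents are hypothetical and constructed for the example.

```python
import errno
import os
import ssl
import tempfile


def precheck_then_load(ctx, certfile, between=None):
    """Check-then-use: open() the file first, then let OpenSSL load it.

    `between` is a hypothetical hook standing in for whatever another
    process does between our open() and OpenSSL's own open() of the path.
    """
    with open(certfile, "rb"):
        pass  # check passed: the file was readable at this instant
    if between is not None:
        between()
    ctx.load_cert_chain(certfile)  # OpenSSL reopens the path by name


def load_and_classify(ctx, certfile):
    """Single step: attempt the load and classify the failure afterwards."""
    try:
        ctx.load_cert_chain(certfile)
    except ssl.SSLError as exc:  # subclass of OSError, so test it first
        return "openssl-error", exc.reason
    except OSError as exc:
        return "os-error", errno.errorcode.get(exc.errno, "unknown")
    return "ok", None


def demo():
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    with tempfile.TemporaryDirectory() as workdir:
        path = os.path.join(workdir, "constructed.pem")
        with open(path, "w") as f:
            f.write("constructed placeholder, not a real certificate\n")
        # 1. Pre-check succeeds, the file vanishes, the load fails anyway.
        try:
            precheck_then_load(ctx, path, between=lambda: os.remove(path))
            raced = None
        except OSError as exc:
            raced = type(exc).__name__
        # 2. No pre-check: missing and malformed files are told apart.
        missing = load_and_classify(ctx, path)
        with open(path, "w") as f:
            f.write("constructed text, still not PEM\n")
        malformed = load_and_classify(ctx, path)
    return raced, missing, malformed


if __name__ == "__main__":
    print(demo())
```

The first result shows that a passing pre-check says nothing about the state of the path when OpenSSL opens it; the other two show the distinction a caller gets from the exception alone.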