[issue8655] Problem with getpeercert in the ssl module when retrieving client side certs

2010-05-07 Thread Westly Ward

New submission from Westly Ward:

I originally had this problem when writing my IRCd, but then tested it in a 
basic script.  The problem is that getpeercert() is always returning None when 
executed on the server side, even when the client is using an ssl cert.  I have 
included an example in the attachment.  Just run sslserver.py in one terminal 
window, and then run sslclient.py in the other.  I also included the two fresh 
ssl certs and keys I used.  In client.txt and server.txt I put the commands I 
used to generate the ssl certs and keys.

--
components: Library (Lib)
files: ssltest.tar.gz
messages: 105227
nosy: Westly.Ward
priority: normal
severity: normal
status: open
title: Problem with getpeercert in the ssl module when retrieving client side 
certs
versions: Python 2.6
Added file: http://bugs.python.org/file17249/ssltest.tar.gz

___
Python tracker 
<http://bugs.python.org/issue8655>
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com



[issue8655] Problem with getpeercert in the ssl module when retrieving client side certs

2010-05-07 Thread Westly Ward

Westly Ward added the comment:

When I used the argument to make certs optional, it gave me an error saying it 
needed the ca certs, so I downloaded them and specified to use them, and now I am 
getting errors from ssl.c.

Here's the error on the server side:

wes...@westly-desktop ~/Desktop/ssltest $ python sslserver.py 
Traceback (most recent call last):
  File "sslserver.py", line 8, in <module>
    conn, addr, = a.accept()
  File "/usr/lib/python2.6/ssl.py", line 326, in accept
    suppress_ragged_eofs=self.suppress_ragged_eofs),
  File "/usr/lib/python2.6/ssl.py", line 118, in __init__
    self.do_handshake()
  File "/usr/lib/python2.6/ssl.py", line 293, in do_handshake
    self._sslobj.do_handshake()
SSLError: [Errno 1] _ssl.c:480: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned

Here's the error on the client side:

wes...@westly-desktop ~/Desktop/ssltest $ python sslclient.py 
Traceback (most recent call last):
  File "sslclient.py", line 4, in <module>
    a.connect(("127.0.0.1", 112233))
  File "/usr/lib/python2.6/ssl.py", line 309, in connect
    self.do_handshake()
  File "/usr/lib/python2.6/ssl.py", line 293, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca

I got the ca certs from 
http://www.positivessl.com/ssl-certificate-support/cert_installation/UTN-USERFirst-Hardware.crt
which is from a link in the ssl module docs.

I have attached the modified scripts.

--
status: pending -> open
Added file: http://bugs.python.org/file17250/ssltest.tar.gz
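
Added example, not part of the report or of the attached scripts: how the server's verify_mode and trust store decide what getpeercert() returns on the server side, shown with the current SSLContext API rather than the Python 2.6 calls in the thread. It assumes the openssl command-line tool is installed; the certificates, the names "server" and "client", and the helpers make_cert and server_peer_cert are constructed for the demonstration.

```python
import os, ssl, subprocess, tempfile

def make_cert(directory, name):
    """Constructed self-signed cert/key pair; assumes the openssl CLI is installed."""
    cert, key = (os.path.join(directory, name + ext) for ext in (".crt", ".key"))
    subprocess.run(["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes",
                    "-days", "1", "-subj", "/CN=" + name, "-keyout", key, "-out", cert],
                   check=True, capture_output=True)
    return cert, key

def server_peer_cert(verify_mode, trust_client=True):
    """Handshake in memory; return what getpeercert() gives on the server side."""
    with tempfile.TemporaryDirectory() as d:
        srv_cert, srv_key = make_cert(d, "server")
        cli_cert, cli_key = make_cert(d, "client")
        server_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
        server_ctx.load_cert_chain(srv_cert, srv_key)
        server_ctx.verify_mode = verify_mode  # CERT_NONE: client cert is never requested
        if verify_mode != ssl.CERT_NONE:
            # Trust anchor for *client* certs; the demo client cert is self-signed.
            server_ctx.load_verify_locations(cli_cert if trust_client else srv_cert)
        client_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        client_ctx.check_hostname = False  # demo cert has a CN only, no SAN
        client_ctx.load_verify_locations(srv_cert)
        client_ctx.load_cert_chain(cli_cert, cli_key)
    c_in, c_out, s_in, s_out = (ssl.MemoryBIO() for _ in range(4))
    client = client_ctx.wrap_bio(c_in, c_out, server_side=False)
    server = server_ctx.wrap_bio(s_in, s_out, server_side=True)
    pending = [client, server]
    for _ in range(10):  # shuttle handshake records between the two memory BIOs
        for side in list(pending):
            try:
                side.do_handshake()
                pending.remove(side)
            except ssl.SSLWantReadError:
                pass
        s_in.write(c_out.read())
        c_in.write(s_out.read())
        if not pending:
            break
    return server.getpeercert()

if __name__ == "__main__":
    print(server_peer_cert(ssl.CERT_NONE))       # no request, so no peer cert
    print(server_peer_cert(ssl.CERT_REQUIRED))   # decoded, validated client cert
```

With trust_client=False the server's trust store does not contain the client certificate's issuer, and do_handshake() raises ssl.SSLError instead of returning a certificate.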
