New submission from Adam Simpkins :
The SSLContext.load_cert_chain() method should accept a password argument to
use if the private key is encrypted. Currently it always uses OpenSSL's
default password callback, which prompts the user interactively for a password.
I've attached a
Adam Simpkins added the comment:
> It seems a bit strange to me to accept string types or callable in the
> same argument. If it just supported strings, people could still write
> password=somefunction(), right?
The function is only called if the private key is encrypted and a
pa
Adam Simpkins added the comment:
Here's a new patch that accepts any callable. The old patch only accepted
actual function objects.
--
Added file: http://bugs.python.org/file22975/ssl-password.2.patch
___
Python tracker
<http://bugs.py
Adam Simpkins added the comment:
Good catch. Here's an updated patch to fix the missing decref in
_pwinfo_set()
The length check in _password_callback() applies to both callback
functions and predefined strings. The C API always uses a callback,
so _password_callback() is used even whe
Adam Simpkins added the comment:
OpenSSL doesn't appear to do any special handling for i18n, and just
treats the strings as binary data. It uses fgets() to read the password
from the terminal, so it will receive it however the terminal encodes
it.
It's not clear
Adam Simpkins added the comment:
Here's a patch with updates to the documentation to more fully specify the
behavior of the password field, including specifying that strings will be
encoded using UTF-8.
--
Added file: http://bugs.python.org/file23043/ssl-password.4.
New submission from Adam Simpkins:
The curses.get_wch() function does not check if wget_wch() returned OK or
KEY_CODE_YES. In either case, it simply returns the character code.
This makes get_wch() unusable when keypad is enabled, because the caller cannot
distinguish function key or arrow
Adam Simpkins added the comment:
> + Get a wide character as (is_key_code, key). *is_key_code* is True for
> + function keys, keypad keys and so, in this case, *key* is a multibyte
> string
> + containing the key name. Otherwise, *key* is a single character
> + correspon
