New submission from Andreas Hasenack:
I was trying to use xmlrpclib.ServerProxy() with https and client
certificate validation (I know httplib doesn't do server certificate
validation yet). I found no way to pass on host/uri as a
(host,x509_dict) tuple as the connection methods support,
Changes by Andreas Hasenack:
--
nosy: +ahasenack
_
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1114345>
_
___
Python-bugs-list mailing list
Andreas Hasenack added the comment:
The only difference between xmlrpclib.py from trunk and 2.5.1 is in the
Marshaller class. Unrelated, as far as I can see.
Note that it seems that the intent of the original code was to support
this x509-dict all along:
$ grep -n x509 xmlrpclib.py.trunk
1224
New submission from Andreas Hasenack:
(I hope I used the correct component for this report)
http://pypi.python.org/pypi/ssl/
I used the client example shown at
http://docs.python.org/dev/library/ssl.html#client-side-operation to
connect to a bank site called www.realsecureweb.com.br at
Andreas Hasenack added the comment:
Ups, typo in the script:
cert = "verisign-inc-class-3-public-primary.pem"
__
Tracker <[EMAIL PROTECTED]>
<http://bugs.p
Andreas Hasenack added the comment:
At the least it should be made clear in the documentation that the
hostname is not checked against the commonName nor the subjectAltName
fields of the server certificate. And add some sample code to the
documentation for doing a simple check. Something like
Andreas Hasenack added the comment:
> do it automatically. Unfortunately, that means that client-side
certificate
> verification has to be done (it's pointless to look at the data in
> unverified certificates), and that means that the client software has to
> have an appropri
