[issue1581] xmlrpclib.ServerProxy() doesn't use x509 data
Bill Janssen
report at bugs.python.org
Tue Mar 18 17:53:03 CET 2008
Bill Janssen <bill.janssen at gmail.com> added the comment:
Looking at this patch, I definitely agree with the need for
documentation. And a test case which uses the SafeTransport class.
But the patch itself also needs a bit more work. (It uses httplib.HTTPS
underneath, and that needs more work, too.) At a minimum, the caller
should be able to optionally specify somehow, either as a contructor
arg, or otherwise (a module-global variable, perhaps), a set of
certificate-authority root certs, which, if specified, would cause
client-side validation of the server's certificate. I think this should
be added as an optional constructor arg to the HTTPS class.
__________________________________
Tracker <report at bugs.python.org>
<http://bugs.python.org/issue1581>
__________________________________
More information about the Python-bugs-list
mailing list