[pypy-commit] pypy stdlib-2.7.9: ssl.get_default_verify_paths()

[amauryfa]

Author: Amaury Forgeot d'Arc <amauryfa at gmail.com>
Branch: stdlib-2.7.9
Changeset: r75658:447c4c3f1931
Date: 2015-02-02 21:51 +0100
http://bitbucket.org/pypy/pypy/changeset/447c4c3f1931/

Log:	ssl.get_default_verify_paths()

diff --git a/pypy/module/_ssl/__init__.py b/pypy/module/_ssl/__init__.py
--- a/pypy/module/_ssl/__init__.py
+++ b/pypy/module/_ssl/__init__.py
@@ -9,6 +9,7 @@
         '_test_decode_cert': 'interp_ssl._test_decode_cert',
         'txt2obj': 'interp_ssl.txt2obj',
         'nid2obj': 'interp_ssl.nid2obj',
+        'get_default_verify_paths': 'interp_ssl.get_default_verify_paths',
 
         'SSLError': "interp_ssl.get_exception_class(space, 'w_sslerror')",
         'SSLZeroReturnError': "interp_ssl.get_exception_class(space, 'w_sslzeroreturnerror')",
diff --git a/pypy/module/_ssl/interp_ssl.py b/pypy/module/_ssl/interp_ssl.py
--- a/pypy/module/_ssl/interp_ssl.py
+++ b/pypy/module/_ssl/interp_ssl.py
@@ -1563,3 +1563,18 @@
 @unwrap_spec(nid=int)
 def nid2obj(space, nid):
     return space.newtuple([])
+
+
+def w_convert_path(space, path):
+    if not path:
+        return space.w_None
+    else:
+        return space.wrapbytes(rffi.charp2str(path))
+
+def get_default_verify_paths(space):
+    return space.newtuple([
+        w_convert_path(space, libssl_X509_get_default_cert_file_env()),
+        w_convert_path(space, libssl_X509_get_default_cert_file()),
+        w_convert_path(space, libssl_X509_get_default_cert_dir_env()),
+        w_convert_path(space, libssl_X509_get_default_cert_dir()),
+        ])
diff --git a/pypy/module/_ssl/test/test_ssl.py b/pypy/module/_ssl/test/test_ssl.py
--- a/pypy/module/_ssl/test/test_ssl.py
+++ b/pypy/module/_ssl/test/test_ssl.py
@@ -363,6 +363,14 @@
         raises(TypeError, ctx.load_dh_params, None)
         raises(_ssl.SSLError, ctx.load_dh_params, self.keycert)
 
+    def test_get_default_verify_paths(self):
+        import _ssl
+        paths = _ssl.get_default_verify_paths()
+        assert paths[0] == 'SSL_CERT_FILE'
+        assert paths[2] == 'SSL_CERT_DIR'
+        assert paths[1].endswith('cert.pem')
+        assert paths[3].endswith('certs')
+
 
 class AppTestSSLError:
     spaceconfig = dict(usemodules=('_ssl', '_socket', 'thread'))
diff --git a/rpython/rlib/ropenssl.py b/rpython/rlib/ropenssl.py
--- a/rpython/rlib/ropenssl.py
+++ b/rpython/rlib/ropenssl.py
@@ -338,6 +338,11 @@
 ssl_external('X509_VERIFY_PARAM_get_flags', [X509_VERIFY_PARAM], rffi.ULONG)
 ssl_external('X509_STORE_add_cert', [X509_STORE, X509], rffi.INT)
 
+ssl_external('X509_get_default_cert_file_env', [], rffi.CCHARP)
+ssl_external('X509_get_default_cert_file', [], rffi.CCHARP)
+ssl_external('X509_get_default_cert_dir_env', [], rffi.CCHARP)
+ssl_external('X509_get_default_cert_dir', [], rffi.CCHARP)
+
 ssl_external('OBJ_obj2txt',
              [rffi.CCHARP, rffi.INT, ASN1_OBJECT, rffi.INT], rffi.INT)
 ssl_external('OBJ_obj2nid', [ASN1_OBJECT], rffi.INT)