[PATCH] ssl: ensure the cert is parsable with a dict to check the hostname

Johannes Stezenbach js at sig21.net
Mon Jan 17 19:41:48 GMT 2011

On Mon, Jan 17, 2011 at 07:32:45PM +0100, Nicolas Sebrecht wrote:
> The SSL library gives choice between DER-encoded/binary data and a dict format.
> Explicitly ask for a dict to parse it.
> http://docs.python.org/library/ssl.html?highlight=getpeercert#ssl.SSLSocket.getpeercert

The documentation says binary_form=False is default.  It also says:

"If the certificate was not validated, the dict is empty."
"if CERT_NONE was used to establish the connection, the certificate,
if present, will not have been validated."


More information about the OfflineIMAP-project mailing list