Retrieve the certificate from the server at the specified address, and return it as a PEM-encoded string. If 'ca_certs' is specified, validate the server cert against it. If 'ssl_version' is specified, use it in the connection attempt. If 'timeout' is specified, use it in the connect
(addr, ssl_version=PROTOCOL_TLS_CLIENT,
ca_certs=None, timeout=_GLOBAL_DEFAULT_TIMEOUT)
| 1552 | return base64.decodebytes(d.encode('ASCII', 'strict')) |
| 1553 | |
| 1554 | def get_server_certificate(addr, ssl_version=PROTOCOL_TLS_CLIENT, |
| 1555 | ca_certs=None, timeout=_GLOBAL_DEFAULT_TIMEOUT): |
| 1556 | """Retrieve the certificate from the server at the specified address, |
| 1557 | and return it as a PEM-encoded string. |
| 1558 | If 'ca_certs' is specified, validate the server cert against it. |
| 1559 | If 'ssl_version' is specified, use it in the connection attempt. |
| 1560 | If 'timeout' is specified, use it in the connection attempt. |
| 1561 | """ |
| 1562 | |
| 1563 | host, port = addr |
| 1564 | if ca_certs is not None: |
| 1565 | cert_reqs = CERT_REQUIRED |
| 1566 | else: |
| 1567 | cert_reqs = CERT_NONE |
| 1568 | context = _create_stdlib_context(ssl_version, |
| 1569 | cert_reqs=cert_reqs, |
| 1570 | cafile=ca_certs) |
| 1571 | with create_connection(addr, timeout=timeout) as sock: |
| 1572 | with context.wrap_socket(sock, server_hostname=host) as sslsock: |
| 1573 | dercert = sslsock.getpeercert(True) |
| 1574 | return DER_cert_to_PEM_cert(dercert) |
| 1575 | |
| 1576 | def get_protocol_name(protocol_code): |
| 1577 | return _PROTOCOL_NAMES.get(protocol_code, '<unknown>') |
nothing calls this directly
no test coverage detected
searching dependent graphs…