pyOpenSSL

Bug #330195
Comment #4

Comment 4 for bug 330195

Revision history for this message

okuda (okuda) wrote on 2009-07-04:

pyOpenSSL-0.9_add_chain_and_sigalg-2.patch.gz Edit (2.6 KiB, text/plain)

I found a bug in my patch and tried to fix the bug, but i can't.
Anyone can help me?

The bug is in get_peer_cert_chain.
This method returns the tuple which the connected server showed us.
In test/test_ssl.py we checked the contents of tuple and it pass.
But the next script exit with SEGMENTATION FAULT.

----------------------------------------------------------------------
from OpenSSL.SSL import SSLv23_METHOD, Context, Connection
from socket import socket

def get_cert_chain(address, port=443):
    context = Context(SSLv23_METHOD)
    client = socket()
    client.connect((address, port))
    clientSSL = Connection(context, client)
    clientSSL.set_connect_state()
    clientSSL.do_handshake()

return clientSSL.get_peer_cert_chain()

def main():
    chain = get_cert_chain('www.google.com')
    print chain
    print chain[0].get_subject()

if __name__ == '__main__':
main()
----------------------------------------------------------------------

Where are wrong things in my patch?

Regards.