Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 4243cc6

Browse files
chrisburrchrisburr
committed
bpo-18233: Always return peer certificate from SSLSocket.getpeercertchain()
1 parent 7008f61 commit 4243cc6

File tree

1 file changed

+5
-0
lines changed

1 file changed

+5
-0
lines changed

Modules/_ssl.c

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2187,6 +2187,11 @@ _ssl__SSLSocket_getpeercertchain_impl(PySSLSocket *self, int binary_mode,
21872187
#endif
21882188
} else {
21892189
peer_chain = SSL_get_peer_cert_chain(self->ssl);
2190+
if (self->socket_type == PY_SSL_SERVER) {
2191+
X509 *peer_cert = SSL_get_peer_certificate(self->ssl);
2192+
if (peer_cert != NULL)
2193+
sk_X509_insert(peer_chain, peer_cert, 0);
2194+
}
21902195
}
21912196

21922197
if (peer_chain == NULL) {

0 commit comments

Comments
 (0)