Skip to content

Implement more SSL methods #6210

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
youknowone merged 22 commits into from
Oct 26, 2025
Merged

Implement more SSL methods #6210

Changes from 1 commit
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
6af5fa8
openssl-sys version
youknowone Oct 23, 2025
b6a1272
selected_alpn_protocol
youknowone Oct 23, 2025
02d49fa
get_ciphers
youknowone Oct 23, 2025
1878e3d
get_channel_binding
youknowone Oct 23, 2025
0f68a42
Add Tls1_1 and Tls1_2
youknowone Oct 23, 2025
b64fdd7
consts
youknowone Oct 23, 2025
666381a
fix ssl truncate bug
youknowone Oct 23, 2025
efddfce
verify_flags
youknowone Oct 23, 2025
a262e85
shared ciphers
youknowone Oct 23, 2025
97f11dc
verify_client_post_handshake
youknowone Oct 23, 2025
5b2b64c
shutdown
youknowone Oct 23, 2025
6abf7f1
get_verified_chain
youknowone Oct 23, 2025
c3dad1d
fix lints
youknowone Oct 25, 2025
68f8655
fix _wrap_socket
youknowone Oct 24, 2025
9ddd43c
Fix convert_openssl_error
youknowone Oct 24, 2025
fa54752
clean up ssl
youknowone Oct 24, 2025
04f2b0a
X509_check_ca
youknowone Oct 25, 2025
e568f49
set default verify flag
youknowone Oct 25, 2025
9fa10eb
Fix version
youknowone Oct 25, 2025
b030e1a
fix import
youknowone Oct 25, 2025
422ea8c
consts
youknowone Oct 25, 2025
91df67c
fix httplib
youknowone Oct 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
X509_check_ca
  • Loading branch information
@youknowone
youknowone committed Oct 26, 2025
commit 04f2b0a939010296f74ff526a54f879bdcf507a9
14 changes: 14 additions & 0 deletions stdlib/src/ssl.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -878,8 +878,16 @@ mod _ssl {
let certs = ctx.cert_store().all_certificates();
#[cfg(not(ossl300))]
let certs = ctx.cert_store().objects().iter().filter_map(|x| x.x509());

// Filter to only include CA certificates (Basic Constraints: CA=TRUE)
let certs = certs
.into_iter()
.filter(|cert| {
unsafe {
// X509_check_ca() returns 1 for CA certificates
X509_check_ca(cert.as_ptr()) == 1
}
})
.map(|ref cert| cert_to_py(vm, cert, binary_form))
.collect::<Result<Vec<_>, _>>()?;
Ok(certs)
Expand Down Expand Up @@ -1727,6 +1735,12 @@ mod _ssl {
unsafe impl Sync for PySslMemoryBio {}

// OpenSSL functions not in openssl-sys

unsafe extern "C" {
// X509_check_ca returns 1 for CA certificates, 0 otherwise
fn X509_check_ca(x: *const sys::X509) -> libc::c_int;
}

unsafe extern "C" {
fn SSL_get_ciphers(ssl: *const sys::SSL) -> *const sys::stack_st_SSL_CIPHER;
}
Expand Down