Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature request: accept a set of fingerprints in TCPConnector #1965

Closed
sp-1234 opened this issue Jun 7, 2017 · 6 comments
Closed

Feature request: accept a set of fingerprints in TCPConnector #1965

sp-1234 opened this issue Jun 7, 2017 · 6 comments
Labels

Comments

@sp-1234
Copy link

sp-1234 commented Jun 7, 2017

Long story short

Right now, if I understand correctly, it's only possible to set a single fingerprint which will be accepted by https client.
Sometimes, endpoint may use one of several certificates (for example if the exact time of certificate update is unknown), so it would make sense to trust a set of certificates instead of just one.

Also, as I see in the current source, it should be a very easy change:

got = self._hashfunc(cert).digest()
expected = self._fingerprint
if got != expected:
    …

so if you agree but have no time, I can give it a try.

@asvetlov
Copy link
Member

asvetlov commented Jun 7, 2017

I think better fix would be adding fingerprint parameter to client.get() etc. like we have it for proxy support now. If you would to make a PR -- you are welcome.

@sp-1234
Copy link
Author

sp-1234 commented Jun 12, 2017

@asvetlov so if I do this issue, I should also do #1128 in the same PR?

@asvetlov
Copy link
Member

Please make two separate PRs.
It makes reviewing much easier.

@cecton
Copy link
Contributor

cecton commented Aug 9, 2017

Started in #2184

@asvetlov
Copy link
Member

Fixed in aiohttp 2.3 by #2184

@lock
Copy link

lock bot commented Oct 28, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a [new issue] for related bugs.
If you feel like there's important points made in this discussion, please include those exceprts into that [new issue].
[new issue]: https://github.com/aio-libs/aiohttp/issues/new

@lock lock bot added the outdated label Oct 28, 2019
@lock lock bot locked as resolved and limited conversation to collaborators Oct 28, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

3 participants