From 183733dfb6b4779d1a5e47f41a2fb86c6be08dda Mon Sep 17 00:00:00 2001 From: "Miss Islington (bot)" <31488909+miss-islington@users.noreply.github.com> Date: Wed, 2 Oct 2019 09:52:50 -0700 Subject: [PATCH] bpo-38338, test.pythoninfo: add more ssl infos (GH-16539) test.pythoninfo now logs environment variables used by OpenSSL and Python ssl modules, and logs attributes of 3 SSL contexts (SSLContext, default HTTPS context, stdlib context). (cherry picked from commit b3e7045f8314e7b62cd95861d207fe2f97e47198) Co-authored-by: Victor Stinner --- Lib/test/pythoninfo.py | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/Lib/test/pythoninfo.py b/Lib/test/pythoninfo.py index d2fa6c59365..797b3af7d30 100644 --- a/Lib/test/pythoninfo.py +++ b/Lib/test/pythoninfo.py @@ -470,10 +470,15 @@ def collect_sysconfig(info_add): def collect_ssl(info_add): + import os try: import ssl except ImportError: return + try: + import _ssl + except ImportError: + _ssl = None def format_attr(attr, value): if attr.startswith('OP_'): @@ -490,6 +495,32 @@ def collect_ssl(info_add): ) copy_attributes(info_add, ssl, 'ssl.%s', attributes, formatter=format_attr) + for name, ctx in ( + ('SSLContext', ssl.SSLContext()), + ('default_https_context', ssl._create_default_https_context()), + ('stdlib_context', ssl._create_stdlib_context()), + ): + attributes = ( + 'minimum_version', + 'maximum_version', + 'protocol', + 'options', + 'verify_mode', + ) + copy_attributes(info_add, ctx, f'ssl.{name}.%s', attributes) + + env_names = ["OPENSSL_CONF", "SSLKEYLOGFILE"] + if _ssl is not None and hasattr(_ssl, 'get_default_verify_paths'): + parts = _ssl.get_default_verify_paths() + env_names.extend((parts[0], parts[2])) + + for name in env_names: + try: + value = os.environ[name] + except KeyError: + continue + info_add('ssl.environ[%s]' % name, value) + def collect_socket(info_add): import socket