Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tls: add custom_ssl_context parameter #1161

Draft
wants to merge 5 commits into
base: dev
Choose a base branch
from

Conversation

bgre
Copy link

@bgre bgre commented Oct 25, 2024

Add a custom_ssl_context parameter to Tls() to pass a custom ssl.SSLContext object for TLS connections. This allows configurations that currently are not supported in the code, such as more recent ssl options like ssl.SSLContext.verify_flags.

One use case is to enable partial certificate chain verification for pinning certificates in situations where a root certificate is not available.

Add a custom_ssl_context parameter to `Tls()` that makes it possible to pass a custom `ssl.SSLContext` object for the TLS connection, allowing configurations not supported in the current code, such as more recent options like [ssl.SSLContext.verify_flags](https://docs.python.org/3.11/library/ssl.html#ssl.SSLContext.verify_flags).

One use case is to enable [partial certificate chain verification](https://docs.python.org/3.11/library/ssl.html#ssl.VERIFY_X509_PARTIAL_CHAIN) for pinning certificates in situations where a root certificate is not available.
ThePirateWhoSmellsOfSunflowers added a commit to ThePirateWhoSmellsOfSunflowers/ldap3 that referenced this pull request Oct 25, 2024
bgre and others added 4 commits November 7, 2024 17:40
Add a custom_ssl_context parameter to `Tls()` that makes it possible to pass a custom `ssl.SSLContext` object for the TLS connection, allowing configurations not supported in the current code, such as more recent options like [ssl.SSLContext.verify_flags](https://docs.python.org/3.11/library/ssl.html#ssl.SSLContext.verify_flags).

One use case is to enable [partial certificate chain verification](https://docs.python.org/3.11/library/ssl.html#ssl.VERIFY_X509_PARTIAL_CHAIN) for pinning certificates in situations where a root certificate is not available.
Co-authored-by: ThePirateWhoSmellsOfSunflowers <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant