[hcs-d] how to validate ssl certificates correctly with python?

Ted Pak tedpak at post.harvard.edu
Sat Jan 28 23:07:17 EST 2012

Urllib2 is a pretty incomplete and awkward HTTP library.  I would suggest Requests.


I'm not certain how airtight the implementation is, but it looks like it can verify SSL certs.


One problem with Python is that even though the language has a philosophy of "only one right way to do it," that way is often not the standard library, which lags behind development on the language itself and fresher ideas found in outside libraries.  You could try to find these libraries in PyPI, but it is a mess to navigate.  The question then becomes where to find best practices.  A few people are trying to fix this with a "hitchhiker's guide to Python."



On Jan 28, 2012, at 10:50 PM, Zak Stone wrote:

> Hello everyone,
> I would like to allow a Python client to communicate securely via
> HTTPS with a server I control that has a valid SSL certificate.
> Unfortunately, it turns out that the relevant standard library
> functions in Python 2.x do not attempt to validate a server's SSL
> certificate _at all_, as you can see from the warnings in the
> documentation below, which means that these functions are vulnerable
> to man-in-the-middle attacks:
> http://docs.python.org/library/urllib.html
> http://docs.python.org/library/urllib2.html
> The folks at Stack Overflow suggest a variety of work-arounds,
> including backporting the match_hostname function that was added to
> the ssl module in Python 3.2:
> http://stackoverflow.com/questions/1087227/validate-ssl-certificates-with-python
> More detailed information is available from the fellow who currently
> maintains M2Crypto:
> http://www.heikkitoivonen.net/blog/2010/08/23/ssl-in-python-2-7/
> http://www.heikkitoivonen.net/blog/2008/10/14/ssl-in-python-26/
> http://chandlerproject.org/Projects/MeTooCrypto
> However, security is complicated, and I find the history of
> catastrophic security failures caused by incorrect usage of TLS/SSL
> sufficiently disturbing to seek expert advice. For example, it appears
> that iOS allowed transparent man-in-the-middle decryption of encrypted
> transmissions until last July:
> http://blog.spiderlabs.com/2011/07/twsl2011-007-ios-ssl-implementation-does-not-validate-certificate-chain.html
> https://www.trustwave.com/spiderlabs/advisories/TWSL2011-007.txt
> http://blog.recurity-labs.com/archives/2011/07/26/cve-2011-0228_ios_certificate_chain_validation_issue_in_handling_of_x_509_certificates/
> http://support.apple.com/kb/HT4824
> http://support.apple.com/kb/HT4825
> This particular attack centered around Apple's failure to check the
> "Basic Constraints" (or basicConstraints) fields in certificate
> chains. This problem has surfaced before as well -- Moxie Marlinspike
> seems to have found a similar vulnerability in Internet Explorer in
> _2002_:
> http://www.thoughtcrime.org/ie-ssl-chain.txt
> Unfortunately, it isn't obvious to me whether the use of
> match_hostname or M2Crypto in Python will prevent this Basic
> Constraints attack, and it is even more difficult to determine whether
> the Python approaches to certificate validation referenced above cover
> other known exploits.
> Would anyone be so kind as to share the Right Way for a Python client
> to communicate securely with a server over HTTPS?
> Many thanks,
> Zak
> _______________________________________________
> hcs-discuss mailing list
> hcs-discuss at lists.hcs.harvard.edu
> https://lists.hcs.harvard.edu/mailman/listinfo/hcs-discuss

More information about the hcs-discuss mailing list