(host: str, port: int, capath: str)
| 27 | |
| 28 | |
| 29 | def check_ocsp(host: str, port: int, capath: str) -> None: |
| 30 | ctx = get_ssl_context( |
| 31 | None, # certfile |
| 32 | None, # passphrase |
| 33 | capath, # ca_certs |
| 34 | None, # crlfile |
| 35 | False, # allow_invalid_certificates |
| 36 | False, # allow_invalid_hostnames |
| 37 | False, |
| 38 | True, # is sync |
| 39 | ) # disable_ocsp_endpoint_check |
| 40 | |
| 41 | # Ensure we're using pyOpenSSL. |
| 42 | assert isinstance(ctx, SSLContext) |
| 43 | |
| 44 | s = socket.socket() |
| 45 | s.connect((host, port)) |
| 46 | try: |
| 47 | s = ctx.wrap_socket(s, server_hostname=host) # type: ignore[assignment] |
| 48 | finally: |
| 49 | s.close() |
| 50 | |
| 51 | |
| 52 | def main() -> None: |
no test coverage detected