allow use of default certificate store
Bug #264956 reported by
Ludwig Nussel
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| pyOpenSSL |
Fix Released
|
Medium
|
Jean-Paul Calderone | ||
Bug Description
While trying to fix up one of our tools to support proper https I
found the following features missing from pyopenssl:
- it's not possible to pass a directory as certificate store. On
openSUSE we have all trusted ca certificates in individual files
in /etc/ssl/certs
- applications should not need to know about /etc/ssl/certs so the
lib should just use SSL_CTX_
location built into the distro's openssl.
The attached patch implements both features without changing the
API.
Related branches
Revision history for this message
| Ludwig Nussel (l-n) wrote | #1 |
Revision history for this message
| Jean-Paul Calderone (exarkun) wrote | #2 |
| Changed in pyopenssl: | |
| assignee: | nobody → exarkun |
| status: | New → In Progress |
Revision history for this message
| Ludwig Nussel (l-n) wrote | #3 |
| Changed in pyopenssl: | |
| milestone: | none → 0.9 |
Revision history for this message
| Jean-Paul Calderone (exarkun) wrote | #4 |
| Changed in pyopenssl: | |
| importance: | Undecided → Medium |
| status: | In Progress → Fix Committed |
| Changed in pyopenssl: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
I've added support for a second optional argument to load_verify_