expose SSL_CTX_set_client_CA_list
Bug #364185 reported by
Glyph Lefkowitz
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pyOpenSSL |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Right now in order to set the client CA list, you have to load a client CA file.
Related branches
lp:~zseil/pyopenssl/client_CA
- Ziga Seilnacht (community): Needs Resubmitting
- Jean-Paul Calderone: Needs Fixing
-
Diff: 567 lines5 files modifieddoc/pyOpenSSL.tex (+33/-3)
src/ssl/connection.c (+53/-0)
src/ssl/context.c (+163/-43)
src/util.h (+5/-1)
test/test_ssl.py (+122/-3)
lp:~exarkun/pyopenssl/client_CA
(Merged)
Changed in pyopenssl: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Here is a branch that impements this functionality by adding the add_client_CA and set_client_CA_list methods to SSL.Context.
In addition, I also exposed the SSL_get_ client_ CA_list as get_client_CA_list method of SSL.Connection objects. Without this testing wouldn't be possible.
The branch also contains some cleanup commits and commits with additional error checks. If you think that they need to be separated from this feature request, I'll open a new bug report.
The only thing missing are the docs, I'll work on that tomorrow. Otherwise, the branch should be ready for review.