Created on 2010-05-24 21:17 by haypo, last changed 2011-10-05 19:26 by dandrzejewski.
| Messages (2) | |||
|---|---|---|---|
| msg106393 - (view) | Author: STINNER Victor (haypo) *  |
Date: 2010-05-24 21:17 | |
SSL Context should support loading a CRL. See M2Crypto patches: https://bugzilla.osafoundation.org/show_bug.cgi?id=12954 https://bugzilla.osafoundation.org/show_bug.cgi?id=11694 Or PyOpenSSL branch supporting CRL: https://launchpad.net/~rick-fdd/pyopenssl/crl_and_revoked |
|||
| msg143358 - (view) | Author: Antoine Pitrou (pitrou) * |
Date: 2011-09-01 21:41 | |
Is it enough to just load a CRL file, or is other functionality usually needed? The following APIs should help us do it: - X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx); - int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x); - X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); And also for configuration (enable CRL checking on the context): - X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx); - int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags); |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2011-10-05 19:26:10 | dandrzejewski | set | nosy:
+ dandrzejewski |
| 2011-09-01 21:41:22 | pitrou | set | stage: needs patch messages: + msg143358 versions: + Python 3.3, - Python 3.2 |
| 2010-05-24 21:54:50 | giampaolo.rodola | set | nosy:
+ giampaolo.rodola |
| 2010-05-24 21:28:09 | pitrou | set | type: enhancement |
| 2010-05-24 21:17:17 | haypo | set | nosy:
+ pitrou |
| 2010-05-24 21:17:08 | haypo | create | |