Message 191411 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	christian.heimes, ezio.melotti, pitrou
Date	2013-06-18.13:59:04
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1059316149.95369608.1371563933030.JavaMail.root@zimbra10-e2.priv.proxad.net>
In-reply-to	<1371563566.88.0.884029209542.issue18138@psf.upfronthosting.co.za>

Content
> The check for trailing data ensures that the user gets an error > message if she tries to load a PEM string with multiple certs. She > might expect that add_ca_cert(pem) loads all PEM certs from the > string while in fact PEM_read_bio_X509() only loads the first cert. I don't think it is useful. Just make the behaviour well-documented. (there is no security risk in loading too few CA certs)

> The check for trailing data ensures that the user gets an error
> message if she tries to load a PEM string with multiple certs. She
> might expect that add_ca_cert(pem) loads all PEM certs from the
> string while in fact PEM_read_bio_X509() only loads the first cert.

I don't think it is useful. Just make the behaviour well-documented.
(there is no security risk in loading too few CA certs)

History
Date	User	Action	Args
2013-06-18 13:59:04	pitrou	set	recipients: + pitrou, christian.heimes, ezio.melotti
2013-06-18 13:59:04	pitrou	link	issue18138 messages
2013-06-18 13:59:04	pitrou	create