Message287866
> Do you modify the SSLContext object in your SNI callback? That's the wrong way to do it. You have to create a SSLContext object for each certificate/key pair at startup and then change the socket's context attribute.
Would it be possible to prevent bugs? For example, make SSLContext "read only" while the SNI callback is called? Or my question doesn't make sense? :-) I don't know well how OpenSSL works.
At least, we should warn users in the ssl documentation to mention such crash? |
|
Date |
User |
Action |
Args |
2017-02-15 17:28:29 | vstinner | set | recipients:
+ vstinner, christian.heimes, David Ford (FirefighterBlu3) |
2017-02-15 17:28:29 | vstinner | set | messageid: <1487179709.94.0.409335348322.issue29470@psf.upfronthosting.co.za> |
2017-02-15 17:28:29 | vstinner | link | issue29470 messages |
2017-02-15 17:28:29 | vstinner | create | |
|