Author christian.heimes
Recipients benjamin.peterson, brian.curtin, christian.heimes, dilettant, eric.araujo, esc24, georg.brandl, larry, loewis, mlen, ned.deily, orsenthil, pitrou, ronaldoussoren
Date 2013-07-08.11:48:49
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1373284129.58.0.205811312398.issue17128@psf.upfronthosting.co.za>
In-reply-to
Content
How about we include certsync [1] as an external program then? It's not as elegant as an internal API but it's not going to cause trouble with forking servers.

The first time a root CA cert is require, some new code in Python's SSL module runs certsync and grabs the list of PEM encoded certs from its stdout. The output is cached in a module variable and loaded with the new features from #16487 and #18138.

How does that sound to you?

[1] https://svn.macports.org/repository/macports/trunk/dports/security/certsync/files/certsync.m
History
Date User Action Args
2013-07-08 11:48:49christian.heimessetrecipients: + christian.heimes, loewis, georg.brandl, ronaldoussoren, orsenthil, pitrou, larry, benjamin.peterson, ned.deily, eric.araujo, brian.curtin, esc24, dilettant, mlen
2013-07-08 11:48:49christian.heimessetmessageid: <1373284129.58.0.205811312398.issue17128@psf.upfronthosting.co.za>
2013-07-08 11:48:49christian.heimeslinkissue17128 messages
2013-07-08 11:48:49christian.heimescreate