Message 203711 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	christian.heimes, giampaolo.rodola, gvanrossum, intgr, janssen, pitrou
Date	2013-11-22.01:43:08
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1385084589.96.0.678070360778.issue19292@psf.upfronthosting.co.za>
In-reply-to

Content
The patch implements a new method SSLContext.load_default_certs(). A new method is a required because set_default_verify_paths() doesn't have a way to specify a purpose. Every cert store allows the user to specify the purpose of a certificate (e.g. suitable for every purpose or just for serverAuth and clientAuth). The feature is supported by NSS certdata.txt, Windows API and Apple's crypto API. The patch is rather simple and uses features implemented in issues #17134 Use Windows' certificate store for CA certs #18138 ctx.load_verify_locations(cadata) #19448 SSL: add OID / NID lookup

The patch implements a new method SSLContext.load_default_certs(). A new method is a required because set_default_verify_paths() doesn't have a way to specify a purpose. Every cert store allows the user to specify the purpose of a certificate (e.g. suitable for every purpose or just for serverAuth and clientAuth). The feature is supported by NSS certdata.txt, Windows API and Apple's crypto API.

The patch is rather simple and uses features implemented in issues

#17134 Use Windows' certificate store for CA certs
#18138 ctx.load_verify_locations(cadata)
#19448 SSL: add OID / NID lookup

History
Date	User	Action	Args
2013-11-22 01:43:10	christian.heimes	set	recipients: + christian.heimes, gvanrossum, janssen, pitrou, giampaolo.rodola, intgr
2013-11-22 01:43:09	christian.heimes	set	messageid: <1385084589.96.0.678070360778.issue19292@psf.upfronthosting.co.za>
2013-11-22 01:43:09	christian.heimes	link	issue19292 messages
2013-11-22 01:43:09	christian.heimes	create