This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author christian.heimes
Recipients christian.heimes, giampaolo.rodola, gvanrossum, janssen, pitrou
Date 2013-11-22.14:12:55
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Good point!

We need a purpose flag anyway in order to load the appropriate root CA certs. The purpose flag can be used for purpose-specific verify mode:

SERVER_AUTH = _ASN1Object('')
CLIENT_AUTH = _ASN1Object('')

    if isinstance(purpose, str):
        purpose = _ASN1Object.fromname(purpose)
    if verify_mode is None:
        if purpose == SERVER_AUTH:
            # authenticate a TLS web server (for client sockets). The default 
            # setting may change in the future.
            verify_mode = CERT_NONE
        elif purpose == CLIENT_AUTH:
            # authenticate a TLS web client (for server sockets). The default
            # setting is guaranteed to be stable and will never change.
            verify_mode = CERT_NONE
            # other (code signing, S/MIME, IPSEC, ...), default may change.
            verify_mode = CERT_NONE
    context.verify_mode = verify_mode
Date User Action Args
2013-11-22 14:12:56christian.heimessetrecipients: + christian.heimes, gvanrossum, janssen, pitrou, giampaolo.rodola
2013-11-22 14:12:56christian.heimessetmessageid: <>
2013-11-22 14:12:56christian.heimeslinkissue19689 messages
2013-11-22 14:12:55christian.heimescreate