[issue24646] Python accepts SSL certificate that should be rejected on OSX
Ronald Oussoren
report at bugs.python.org
Mon Jul 20 14:19:07 CEST 2015
Ronald Oussoren added the comment:
Using our own OpenSSL build should be saver in the long run anyway. Apple provides enough API’s to reproduce the behaviour of Apple’s build in a cleaner way (by making the loading of system CA certs an explicit action). Problem is: that likely requires using API’s higher up in the API stack, which could cause problems when using os.fork without os.exec (the old “CoreFoundation crashes in child processes” problem).
Ronald
> On 18 Jul 2015, at 06:22, Ned Deily <report at bugs.python.org> wrote:
>
>
> Ned Deily added the comment:
>
>> For what it's worth, the El Capitan Beta's apparently don't ship with
>> OpenSSL headers anymore though they do still ship with the dylibs.
>
> Hmm, I had tested installing existing python.org binary releases with the first DPs of 10.11 and I *thought* I had tested building from source, as well. But, yes, it appears that the headers are no longer there, at least on the most recent DP I have installed. I'm traveling and essentially "off-the-net" for another week but I will take a closer look at the situation then.
>
> ----------
>
> _______________________________________
> Python tracker <report at bugs.python.org>
> <http://bugs.python.org/issue24646>
> _______________________________________
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue24646>
_______________________________________
More information about the Python-bugs-list
mailing list