[issue34670] Add set_post_handshake_auth for TLS 1.3
Christian Heimes
report at bugs.python.org
Fri Sep 21 04:00:36 EDT 2018
Christian Heimes <lists at cheimes.de> added the comment:
Please note that SSL_verify_client_post_handshake() doesn't perform any IO by itself.
A typical scenario for HTTP looks like this (actual flow may vary):
* client
* send ``HTTP GET /path``
* server
* recv
* verify_client_post_handshake
* send HTTP Connection Upgrade (emits CertRequest message)
* client
* recv
* send upgrade confirmation (emits Certificate, CertificateVerify, Finish message)
* server
* recv
* verify certificate
* send payload or error (may emit TLS alert for unknown, invalid, or missing cert)
* client
* recv (receive TLS alert or server response)
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue34670>
_______________________________________
More information about the Python-bugs-list
mailing list