[Python-checkins] cpython: whatsnew: SSLContext.verify_flags and constants. (#8813)
r.david.murray
python-checkins at python.org
Sun Mar 9 23:50:27 CET 2014
http://hg.python.org/cpython/rev/1508c4c9e747
changeset: 89536:1508c4c9e747
user: R David Murray <rdmurray at bitdance.com>
date: Sun Mar 09 17:01:34 2014 -0400
summary:
whatsnew: SSLContext.verify_flags and constants. (#8813)
files:
Doc/whatsnew/3.4.rst | 8 ++++++++
1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/Doc/whatsnew/3.4.rst b/Doc/whatsnew/3.4.rst
--- a/Doc/whatsnew/3.4.rst
+++ b/Doc/whatsnew/3.4.rst
@@ -1305,6 +1305,14 @@
``X509v3`` extension items: ``crlDistributionPoints``, ``calIssuers``, and
``OCSP`` URIs. (Contributed by Christian Heimes in :issue:`18379`.)
+If OpenSSL 0.9.8 or later is available, :class:`~ssl.SSLContext` has an new
+attribute :attr:`~ssl.SSLContext.verify_flags` that can be used to control the
+certificate verification process by setting it to some combination of the new
+constants :data:`~ssl.VERIFY_DEFAULT`, :data:`~ssl.VERIFY_CRL_CHECK_LEAF`,
+:data:`~ssl.VERIFY_CRL_CHECK_CHAIN`, or :data:`~ssl.VERIFY_X509_STRICT`.
+OpenSSL does not do any CRL verification by default. (Contributed by
+Christien Heimes in :issue:`8813`.)
+
stat
----
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list