[issue28747] Expose SSL_CTX_set_cert_verify_callback
Steve Dower
report at bugs.python.org
Sat Nov 19 19:44:42 EST 2016
Steve Dower added the comment:
When I was stepping through, this callback avoided all of those lookups, so I don't understand how it's being called too late?
This approach basically takes the entire raw certificate and lets the OS do whatever it needs. OpenSSL doesn't ever have to crack it open at all (or at least when it does, it can assume the whole chain is trusted).
What am I missing here? I've got no doubt I'm missing something, as OpenSSL is possibly the most complicated code I've ever seen :)
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue28747>
_______________________________________
More information about the Python-bugs-list
mailing list