[Python-Dev] LibreSSL support
Wes Turner
wes.turner at gmail.com
Thu Jan 18 14:54:08 EST 2018
LibreSSL is not a pressing need for me; but fallback to the existing
insecure check if LibreSSL is present shouldn't be too difficult?
On Thursday, January 18, 2018, Christian Heimes <christian at python.org>
wrote:
> On 2018-01-18 19:42, Wes Turner wrote:
> > Is there a build flag or a ./configure-time autodetection that would
> > allow for supporting LibreSSL while they port
> X509_VERIFY_PARAM_set1_host?
>
> X509_VERIFY_PARAM_set1_host() is a fundamental and essential piece in
> the new hostname verification code. I cannot replace
> ssl.match_hostname() easily without the API. There might be a way to add
> a callback, but it would take a couple of days of R&D to implement it.
> It won't be finished for beta1 feature freeze.
>
> Christian
>
> _______________________________________________
> Python-Dev mailing list
> Python-Dev at python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: https://mail.python.org/mailman/options/python-dev/
> wes.turner%40gmail.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20180118/3aaf7e47/attachment.html>
More information about the Python-Dev
mailing list