Revision - e257574 - bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. [...]

Staging
v0.8.1

Revision e25757408dc22561af9f9589c2c7e2a2fbb66ee4 authored by Ned Deily on 12 June 2018, 01:44:58 UTC, committed by GitHub on 12 June 2018, 01:44:58 UTC

bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (GH-3530) (GH-7652)

The documentation for CERT_NONE, CERT_OPTIONAL, and CERT_REQUIRED were
misleading and partly wrong. It fails to explain that OpenSSL behaves
differently in client and server mode. Also OpenSSL does validate the
cert chain everytime. With SSL_VERIFY_NONE a validation error is not
fatal in client mode and does not request a client cert in server mode.
Also discourage people from using CERT_OPTIONAL in client mode.

1 parent 2023eaf

Files
Changes

Permalinks

File	Mode	Size
darwin
libffi
libffi_msvc
libffi_osx
_ctypes.c	-rw-r--r--	177.8 KB
_ctypes_test.c	-rw-r--r--	16.0 KB
_ctypes_test.h	-rw-r--r--	82 bytes
callbacks.c	-rw-r--r--	17.0 KB
callproc.c	-rw-r--r--	52.4 KB
cfield.c	-rw-r--r--	43.6 KB
ctypes.h	-rw-r--r--	12.9 KB
ctypes_dlfcn.h	-rw-r--r--	459 bytes
libffi.diff	-rw-r--r--	7.0 KB
malloc_closure.c	-rw-r--r--	2.7 KB
stgdict.c	-rw-r--r--	19.4 KB

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...