Revision - e257574 - bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. [...]

Staging
v0.8.1

Revision e25757408dc22561af9f9589c2c7e2a2fbb66ee4 authored by Ned Deily on 12 June 2018, 01:44:58 UTC, committed by GitHub on 12 June 2018, 01:44:58 UTC

bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (GH-3530) (GH-7652)

The documentation for CERT_NONE, CERT_OPTIONAL, and CERT_REQUIRED were
misleading and partly wrong. It fails to explain that OpenSSL behaves
differently in client and server mode. Also OpenSSL does validate the
cert chain everytime. With SSL_VERIFY_NONE a validation error is not
fatal in client mode and does not request a client cert in server mode.
Also discourage people from using CERT_OPTIONAL in client mode.

1 parent 2023eaf

Files
Changes

Permalinks

ctypes_dlfcn.h

#ifndef _CTYPES_DLFCN_H_
#define _CTYPES_DLFCN_H_

#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */

#ifndef MS_WIN32

#include <dlfcn.h>

#ifndef CTYPES_DARWIN_DLFCN

#define ctypes_dlsym dlsym
#define ctypes_dlerror dlerror
#define ctypes_dlopen dlopen
#define ctypes_dlclose dlclose
#define ctypes_dladdr dladdr

#endif /* !CTYPES_DARWIN_DLFCN */

#endif /* !MS_WIN32 */

#ifdef __cplusplus
}
#endif /* __cplusplus */
#endif /* _CTYPES_DLFCN_H_ */

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...