[issue12551] Provide data for TLS channel binding
Antoine Pitrou
report at bugs.python.org
Thu Jul 14 00:01:24 CEST 2011
Antoine Pitrou <pitrou at free.fr> added the comment:
Thank you, this looks mostly good.
A couple of nits:
+#if OPENSSL_VERSION_NUMBER >= 0x0090500fL
+# define HAVE_OPENSSL_FINISHED 1
+#else
+# undef HAVE_OPENSSL_FINNISHED
+#endif
you have a typo in the #undef, also it would be more logical to have
# define HAVE_OPENSSL_FINISHED 0
instead.
_ssl.c will not compile if OpenSSL is too old, because you lack some #if's (or #ifdef's) around PySSL_tls_unique_cb.
Also, it would be nice to expose the availability of tls-unique as a public constant, as we already do for "ssl.HAS_SNI". ssl.HAS_TLS_UNIQUE?
Similarly, you need to skip some of the tests when the functionality isn't available.
And I think get_channel_binding() should raise NotImplementedError in that case.
----------
stage: needs patch -> patch review
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue12551>
_______________________________________
More information about the Python-bugs-list
mailing list