[issue8813] SSLContext doesn't support loading a CRL
Antoine Pitrou
report at bugs.python.org
Thu Sep 1 23:41:22 CEST 2011
Antoine Pitrou <pitrou at free.fr> added the comment:
Is it enough to just load a CRL file, or is other functionality usually needed?
The following APIs should help us do it:
- X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);
- int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
- X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl);
And also for configuration (enable CRL checking on the context):
- X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
- int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
----------
stage: -> needs patch
versions: +Python 3.3 -Python 3.2
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue8813>
_______________________________________
More information about the Python-bugs-list
mailing list