[PYTHON-CRYPTO] SSL.Context.load_verify_locations

Heikki Toivonen heikki at OSAFOUNDATION.ORG
Thu Jun 9 04:29:24 CEST 2005

Thomas D. Uram wrote:
> I have two problems with SSL.Context.load_verify_locations:
> - OpenSSL regards each of the args cafile and capath as optional, but m2crypto requires
> the cafile arg to be present (via an assertion).  Is there a reason for this?

I don't know, but I think that assertion is actually bogus. I think it
would make more sense to enable the commented out assertion above.

I don't see why you would want to call this with both cafile and capath
as None. In that case the underlying OpenSSL function returns 0 (for

> - Since these are string args, SWIG requires that they be so, and doesn't allow None to be
> passed in (for mapping to NULL in the C code).  A SWIG typemap to map from Py_None to NULL
> for 'char *' args would do the trick (and, in fact, seems like the right thing for SWIG to
> do in general).  Is there another way round this problem?

I think you are mistaken. When I comment out the assert I can call the
method with both capath and cafile as None and it will work as expected
(returns 0).

So, do you want me to take out the assert, or re-enable the assert above
when both of these are None?

  Heikki Toivonen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20050608/5e1ff643/attachment.pgp>

More information about the python-crypto mailing list