-
Notifications
You must be signed in to change notification settings - Fork 421
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expose constants that are no longer available in latest cryptography #1201
Comments
I will try to do this next week. |
itamarst
pushed a commit
to itamarst/cryptography
that referenced
this issue
Mar 27, 2023
This is necessary for custom TLS certificate validation logic; see pyca/pyopenssl#1201
This was referenced Mar 27, 2023
alex
pushed a commit
to pyca/cryptography
that referenced
this issue
Mar 28, 2023
* Restore the x509 error verification codes. This is necessary for custom TLS certificate validation logic; see pyca/pyopenssl#1201 * Remove changelog entry. --------- Co-authored-by: Itamar Turner-Trauring <itamar@pythonspeed.com>
reaperhulk
pushed a commit
to reaperhulk/cryptography
that referenced
this issue
Mar 28, 2023
* Restore the x509 error verification codes. This is necessary for custom TLS certificate validation logic; see pyca/pyopenssl#1201 * Remove changelog entry. --------- Co-authored-by: Itamar Turner-Trauring <itamar@pythonspeed.com>
alex
pushed a commit
to pyca/cryptography
that referenced
this issue
Mar 28, 2023
* Restore the x509 error verification codes. This is necessary for custom TLS certificate validation logic; see pyca/pyopenssl#1201 * Remove changelog entry. --------- Co-authored-by: Itamar Turner-Trauring <itamar@itamarst.org> Co-authored-by: Itamar Turner-Trauring <itamar@pythonspeed.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
In order to customize TLS validation logic in pyOpenSSL, some constants are sometimes needed. For example, Tahoe-LAFS currently uses X509_V_ERR_CERT_NOT_YET_VALID, X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN, and a few others (https://github.com/tahoe-lafs/tahoe-lafs/blob/d92470d233533bdc8ae1f014ca3a82b0ce74e3f3/src/allmydata/storage/http_client.py#L220).
Previous to
cryptography
v40, these were available there, but they no longer are.@alex suggested that:
pyOpenSSL
, since that is the consumer.cryptography
is then updated appropriately to expose just what pyOpenSSL needs.I assume they should be exposed in
OpenSSL.SSL
?cryptography
adding the constants is merged.OpenSSL.SSL.__all__
.The text was updated successfully, but these errors were encountered: