[Python-Dev] SSL sockets and settimeout

2013-12-01 Thread Jon Ribbens
Am I correct in thinking that Python's newfangled socket.settimeout() feature does not play well with SSL wrapped sockets? Would there be any interest in making it so that it did?

___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/m

Re: [Python-Dev] Verification of SSL cert and hostname made easy

2013-12-01 Thread Ronald Oussoren
> On 30 Nov. 2013, at 19:29, Christian Heimes wrote:
>
> With CERT_REQUIRED OpenSSL verifies that the peer's certificate is
> directly or indirectly signed by a trusted root certification authority.
> With Python 3.4 the ssl module is able to use/load the system's trusted
> root certs on all ma

Re: [Python-Dev] Verification of SSL cert and hostname made easy

2013-12-01 Thread Christian Heimes
On 30.11.2013 23:16, Guido van Rossum wrote:
> Sounds good.
>
> Is another change for asyncio needed?

Yes, but just a small one. The match_hostname() call in selector_events is no longer required in 3.4.

Christian

Re: [Python-Dev] Verification of SSL cert and hostname made easy

2013-12-01 Thread Christian Heimes
On 01.12.2013 12:33, Nick Coghlan wrote:
> Perhaps a cleaner option would be to make check_hostname read only,
> and add a secure-by-default method that allows all verification
> related settings to be adjusted at once:
>
> def set_verify_mode(mode=ssl.CERT_REQUIRED, check_hostname=True):
>

Re: [Python-Dev] Verification of SSL cert and hostname made easy

2013-12-01 Thread Nick Coghlan
On 1 December 2013 21:40, Antoine Pitrou wrote:
> On Sun, 1 Dec 2013 21:33:06 +1000
> Nick Coghlan wrote:
>>
>> If we don't do that, then I think Christian's approach is a reasonable
>> compromise given the late stage of the release cycle - it ensures the
>> context can't get into the inconsisten

Re: [Python-Dev] Verification of SSL cert and hostname made easy

2013-12-01 Thread Antoine Pitrou
On Sun, 1 Dec 2013 21:33:06 +1000
Nick Coghlan wrote:
>
> If we don't do that, then I think Christian's approach is a reasonable
> compromise given the late stage of the release cycle - it ensures the
> context can't get into the inconsistent verify_mode=CERT_NONE and
> check_hostname=True state,

Re: [Python-Dev] Verification of SSL cert and hostname made easy

2013-12-01 Thread Nick Coghlan
On 1 December 2013 20:37, Antoine Pitrou wrote:
> On Sun, 01 Dec 2013 02:53:32 +0100
> Christian Heimes wrote:
>> On 30.11.2013 23:51, Antoine Pitrou wrote:
>> > Small nit: what happens if the server_hostname is None (i.e. wasn't
>> > passed to context.wrap_socket())?
>>
>> The code will raise

Re: [Python-Dev] Verification of SSL cert and hostname made easy

2013-12-01 Thread Antoine Pitrou
On Sun, 01 Dec 2013 02:53:32 +0100
Christian Heimes wrote:
> On 30.11.2013 23:51, Antoine Pitrou wrote:
> > Small nit: what happens if the server_hostname is None (i.e. wasn't
> > passed to context.wrap_socket())?
>
> The code will raise an exception. My patch already implements a more
> verbos