mirrors
/
cpython
mirror of https://github.com/python/cpython.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
124,440 Commits 6 Branches 604 Tags 2.9 GiB
Commit Graph

4 Commits

Author SHA1 Message Date
Felix Fontein 4eab6e8d29
[3.13] gh-118658: Modify cert generation script to extract cert3.pem (GH-124598) (GH-124972) 
(cherry picked from commit 480354dc23)
 2024-10-08 13:37:30 +02:00
Miss Islington (bot) 21399a0963
[3.13] gh-118658: Return consistent types from `get_un/verified_chain` in `SSLObject` and `SSLSocket` (GH-118669) (#123082) 
gh-118658: Return consistent types from `get_un/verified_chain` in `SSLObject` and `SSLSocket` (GH-118669)
(cherry picked from commit 8ef358dae1)

Co-authored-by: Mateusz Nowak <nowak.mateusz@hotmail.com>
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
 2024-08-19 10:39:28 -05:00
William Woodruff 0876b921b2
gh-107361: strengthen default SSL context flags (#112389) 
This adds `VERIFY_X509_STRICT` to make the default
SSL context perform stricter (per RFC 5280) validation, as well
as `VERIFY_X509_PARTIAL_CHAIN` to enforce more standards-compliant
path-building behavior.

As part of this changeset, I had to tweak `make_ssl_certs.py`
slightly to emit 5280-conforming CA certs. This changeset includes
the regenerated certificates after that change.

Signed-off-by: William Woodruff <william@yossarian.net>
Co-authored-by: Victor Stinner <vstinner@python.org>
 2024-03-06 13:44:58 -08:00
Nikita Sobolev e57ecf6bbc
gh-108303: Move all certificates to `Lib/test/certdata/` (#109489) 2023-09-16 18:47:18 +02:00