pyopenssl
pyopenssl copied to clipboard
pyca
A Python wrapper around the OpenSSL library
OpenSSL has a routine `SSL_get_verify_result` to check the validation status of a connection for which any result was accepted. I do not find it in PyOpenSSL? Context: I want to...
OpenSSL now [supports DANE](https://www.openssl.org/docs/man1.1.0/man3/SSL_dane_enable.html). It would be great if this authentication method were exposed by PyOpenSSL.
resolves remaining issue in #258 by switching empty `get_revoked` return to effective empty tuple. This was breaking functional tests in a pyOpenSSL integration.
Add the set_ciphersuites API to set TLS 1.3 ciphersuites properly. See: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_ciphersuites.html https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites
This is my attempt to trigger `WANT_READ` during `sendall()` but it is incomplete at the moment. Any hints on how to make the reproducer more stable are welcome.
This change introduces retries in `OpenSSL.SSL.Connection.sendall()` when `WANT_WRITE_ERROR` or `WANT_READ_ERROR` happen. It relies on `SSL_MODE_ENABLE_PARTIAL_WRITE` being set on the context, that changes the mode of `SSL_write()` to return errors only...
#907 fixed the issue with `set_time()` not working on Windows. It also changed `set_time()`'s behavior in an incompatible way: instead of treating `vfy_time` always being in local time (regardless if...
This PR adds the methods `set_verify`, `set_verify_depth`, `get_verify_mode`, and `get_verify_depth` to the Connection object. While Connection objects inherit these values from the Context used to create it, they can be...
Additionally, makes stringified part conformant to RFC2253
