dsahlberg-apache-org commented on code in PR #7:
URL: https://github.com/apache/serf/pull/7#discussion_r2154418000
##########
buckets/ssl_buckets.c:
##########
@@ -890,7 +890,11 @@ validate_server_certificate(int cert_valid, X509_STORE_CTX
*store_ctx)
case X509_V_ERR_UNABLE_TO_GET_CRL:
failures |= SERF_SSL_CERT_UNABLE_TO_GET_CRL;
break;
- default:
+ case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+ case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+ failures |= SERF_SSL_SIGNATURE_FAILURE;
+ break;
+ default:
Review Comment:
Minor nit: indentation issues?
##########
test/certs/create_certs.py:
##########
@@ -73,18 +73,18 @@ def create_crl(revokedcert, cakey, cacert, crlfile,
next_crl_days=VALID_DAYS):
now = datetime.utcnow()
now_str = now.strftime('%Y%m%d%H%M%SZ')
- revoked.set_serial(serial_number)
- revoked.set_reason('unspecified')
- revoked.set_rev_date(now_str) # revoked as of now
+ revoked.set_serial(serial_number.encode('ascii'))
+ revoked.set_reason(b'unspecified')
+ revoked.set_rev_date(now_str.encode('ascii')) # revoked as of now
crl.add_revoked(revoked)
try:
- exported = crl.export(cacert, cakey, days=next_crl_days, digest=b"md5")
+ exported = crl.export(cacert, cakey, days=next_crl_days,
digest=b"sha256")
except TypeError:
Review Comment:
I believe most changes here are related to Py3 except this one. Can we split
it up to separate commits, just for clarification?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@serf.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
