John Dennis wrote:
This patch removes the use of OpenSSL (via Python's native libraries) for SSL operations and substitutes NSS for SSL. We were already using NSS in some places, now it's consistently universal.

Be aware that this patch depends on a an upgrade of python-nss to 0.9.

The patch also fixes a problem with certification validation, previously we had not been fully validating a certificate and as such it was a security vulnerability.

ack, pushed to master. Note that the new python-nss is only in our own repo right now (


Freeipa-devel mailing list

Reply via email to