On 04:51 pm, na...@animats.com wrote:
I'm converting some code from M2Crypto to the new ssl module, and
I've found what looks like a security hole. The ssl module will
validate the certificate chain, but it doesn't check that the
certificate
is valid for the domain.
Here's the basic
exar...@twistedmatrix.com wrote:
On 04:51 pm, na...@animats.com wrote:
I'm converting some code from M2Crypto to the new ssl module, and
I've found what looks like a security hole. The ssl module will
validate the certificate chain, but it doesn't check that the certificate
is valid for the
On Mon, Apr 19, 2010 at 1:49 PM, John Nagle na...@animats.com wrote:
exar...@twistedmatrix.com wrote:
On 04:51 pm, na...@animats.com wrote:
I'm converting some code from M2Crypto to the new ssl module, and
I've found what looks like a security hole. The ssl module will
validate the
On 05:49 pm, na...@animats.com wrote:
exar...@twistedmatrix.com wrote:
On 04:51 pm, na...@animats.com wrote:
I'm converting some code from M2Crypto to the new ssl module,
and
I've found what looks like a security hole. The ssl module will
validate the certificate chain, but it doesn't
exar...@twistedmatrix.com wrote:
On 05:49 pm, na...@animats.com wrote:
exar...@twistedmatrix.com wrote:
On 04:51 pm, na...@animats.com wrote:
I'm converting some code from M2Crypto to the new ssl module, and
I've found what looks like a security hole. The ssl module will
validate the