LibreSSL is not a pressing need for me; but fallback to the existing insecure check if LibreSSL is present shouldn't be too difficult?
On Thursday, January 18, 2018, Christian Heimes <christ...@python.org> wrote: > On 2018-01-18 19:42, Wes Turner wrote: > > Is there a build flag or a ./configure-time autodetection that would > > allow for supporting LibreSSL while they port > X509_VERIFY_PARAM_set1_host? > > X509_VERIFY_PARAM_set1_host() is a fundamental and essential piece in > the new hostname verification code. I cannot replace > ssl.match_hostname() easily without the API. There might be a way to add > a callback, but it would take a couple of days of R&D to implement it. > It won't be finished for beta1 feature freeze. > > Christian > > _______________________________________________ > Python-Dev mailing list > Python-Dev@python.org > https://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: https://mail.python.org/mailman/options/python-dev/ > wes.turner%40gmail.com >
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com