> Just wanted to ping you on this. Should I be re-reviewing this branch (it
> doesn't look like there have been any changes since last time), or providing
> more feedback? 0.10 might be coming up, and if this can be ready it'd be
> great to include it.
Sorry for the long silence, I've been terribly busy at work lately.
I've updated the branch now with doc fixes, this should address 1) and 2).
Regarding 3), I can drop the whole method, but I think that it is useful
as it is, i.e. I expect that it would be used like this:
store = context.get_cert_store()
for cacert in cacerts: store.add_cert(cacert) context.add_client_ca(cacert)
I also lowercased the new methods, for consistency with the rest of
PyOpenSSL (e.g. SSL.Context.load_client_ca,
crypto.PKCS12.get_ca_certificates). This change was made in a single
revision, so it can be dropped if you think the old names are better.
Regarding 4) and 5), the needed changes would be quite intrusive and
I'm not sure that we could preserve binary compatibility. I'll try to
work on that over the weekend, but I would be more comfortable if that
was a separate branch, possibly merged after the release.
> Just wanted to ping you on this. Should I be re-reviewing this branch (it
> doesn't look like there have been any changes since last time), or providing
> more feedback? 0.10 might be coming up, and if this can be ready it'd be
> great to include it.
Sorry for the long silence, I've been terribly busy at work lately.
I've updated the branch now with doc fixes, this should address 1) and 2).
Regarding 3), I can drop the whole method, but I think that it is useful
as it is, i.e. I expect that it would be used like this:
store = context. get_cert_ store()
store. add_cert( cacert)
context. add_client_ ca(cacert)
for cacert in cacerts:
I also lowercased the new methods, for consistency with the rest of load_client_ ca, PKCS12. get_ca_ certificates) . This change was made in a single
PyOpenSSL (e.g. SSL.Context.
crypto.
revision, so it can be dropped if you think the old names are better.
Regarding 4) and 5), the needed changes would be quite intrusive and
I'm not sure that we could preserve binary compatibility. I'll try to
work on that over the weekend, but I would be more comfortable if that
was a separate branch, possibly merged after the release.