[Freeipa-devel] [PATCH 16/16] use NSS for SSL operations
Rob Crittenden
rcritten at redhat.com
Tue Jun 15 19:21:44 UTC 2010
John Dennis wrote:
> This patch removes the use of OpenSSL (via Python's native libraries)
> for SSL operations and substitutes NSS for SSL. We were already using
> NSS in some places, now it's consistently universal.
>
> Be aware that this patch depends on a an upgrade of python-nss to 0.9.
>
> The patch also fixes a problem with certification validation, previously
> we had not been fully validating a certificate and as such it was a
> security vulnerability.
ack, pushed to master. Note that the new python-nss is only in our own
repo right now
(http://jdennis.fedorapeople.org/ipa-devel/ipa-devel-fedora.repo)
rob
More information about the Freeipa-devel
mailing list