Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CVE-2016-9015: Correct set verify flags.
This error, introduced in 1.17, causes users using OpenSSL 1.1.0 along with PyOpenSSL to silently fail to validate certificates. This is an alarming failure mode, and is currently being worked on as part of OpenSSL 1.1.0: openssl/openssl#1793 This patch will be merged into master in a different form, as part of a general testing cleanup. The flaw was discovered by Cory Benfield, and was in fact caught by urllib3's test suite: it just happens that we hadn't tested that particular software configuration before releasing 1.17.
- Loading branch information