summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Lib/ssl.py3
-rw-r--r--Lib/test/test_ssl.py3
2 files changed, 3 insertions, 3 deletions
diff --git a/Lib/ssl.py b/Lib/ssl.py
index 37a484a0c2..18730cb2e9 100644
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -104,8 +104,6 @@ from _ssl import (
SSLSyscallError, SSLEOFError,
)
from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
-from _ssl import (VERIFY_DEFAULT, VERIFY_CRL_CHECK_LEAF, VERIFY_CRL_CHECK_CHAIN,
- VERIFY_X509_STRICT)
from _ssl import txt2obj as _txt2obj, nid2obj as _nid2obj
from _ssl import RAND_status, RAND_add, RAND_bytes, RAND_pseudo_bytes
try:
@@ -122,6 +120,7 @@ def _import_symbols(prefix):
_import_symbols('OP_')
_import_symbols('ALERT_DESCRIPTION_')
_import_symbols('SSL_ERROR_')
+_import_symbols('VERIFY_')
from _ssl import HAS_SNI, HAS_ECDH, HAS_NPN, HAS_ALPN
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 596652a04d..ea619fdad1 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -2284,7 +2284,8 @@ else:
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
context.verify_mode = ssl.CERT_REQUIRED
context.load_verify_locations(SIGNING_CA)
- self.assertEqual(context.verify_flags, ssl.VERIFY_DEFAULT)
+ tf = getattr(ssl, "VERIFY_X509_TRUSTED_FIRST", 0)
+ self.assertEqual(context.verify_flags, ssl.VERIFY_DEFAULT | tf)
# VERIFY_DEFAULT should pass
server = ThreadedEchoServer(context=server_context, chatty=True)
View Lorry Controller Status