The Context.set_verify docstring says:
mode - The verify mode, this is either
SSL_VERIFY_NONE or
SSL_VERIFY_PEER combined with
possible other flags
The constants are however named VERIFY_NONE and
VERIFY_PEER.
It would be very helpful if the documentation says what
kind of verification is performed if the set_verify()
method isn't called.
Logged In: YES
user_id=366566
Originator: NO
I've fixed the VERIFY_NONE/VERIFY_PEER issue in my fork of pyOpenSSL at http://launchpad.net/pyopenssl. The changeset is revision 32. I didn't add clarification for the default behavior yet, though.