Message 202244 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	christian.heimes, giampaolo.rodola, janssen, pitrou
Date	2013-11-05.22:47:30
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1383691650.31.0.697174756225.issue19507@psf.upfronthosting.co.za>
In-reply-to

Content
I find it surprising that wrap_socket() doesn't verify the server name with match_hostname() when it is called with a server_name argument. The check should be done by default. I suggest: - add validate_hostname=True flag to wrap_socket() and functions that call wrap_socket() - add SSLSocket.match_hostname(hostname=None) to validate hostname with current cert. hostname shall default to server_hostname

I find it surprising that wrap_socket() doesn't verify the server name with match_hostname() when it is called with a server_name argument. The check should be done by default.

I suggest:

- add validate_hostname=True flag to wrap_socket() and functions that call wrap_socket()

- add SSLSocket.match_hostname(hostname=None) to validate hostname with current cert. hostname shall default to server_hostname

History
Date	User	Action	Args
2013-11-05 22:47:30	christian.heimes	set	recipients: + christian.heimes, janssen, pitrou, giampaolo.rodola
2013-11-05 22:47:30	christian.heimes	set	messageid: <1383691650.31.0.697174756225.issue19507@psf.upfronthosting.co.za>
2013-11-05 22:47:30	christian.heimes	link	issue19507 messages
2013-11-05 22:47:30	christian.heimes	create