Message202244
I find it surprising that wrap_socket() doesn't verify the server name with match_hostname() when it is called with a server_name argument. The check should be done by default.
I suggest:
- add validate_hostname=True flag to wrap_socket() and functions that call wrap_socket()
- add SSLSocket.match_hostname(hostname=None) to validate hostname with current cert. hostname shall default to server_hostname |
|
Date |
User |
Action |
Args |
2013-11-05 22:47:30 | christian.heimes | set | recipients:
+ christian.heimes, janssen, pitrou, giampaolo.rodola |
2013-11-05 22:47:30 | christian.heimes | set | messageid: <1383691650.31.0.697174756225.issue19507@psf.upfronthosting.co.za> |
2013-11-05 22:47:30 | christian.heimes | link | issue19507 messages |
2013-11-05 22:47:30 | christian.heimes | create | |
|