Message204318
The patch implements check_hostname in order to match SSL certs with the peer's hostname in ftp, imap, nntp, pop and smtp library. So far the patch needs more tests and doc updates.
I consider the new feature a security fix. Right now everybody with any valid TLS/SSL certificate can claim that its certificate is valid for 'smtp.google.com'. |
|
Date |
User |
Action |
Args |
2013-11-25 09:48:58 | christian.heimes | set | recipients:
+ christian.heimes, georg.brandl, janssen, pitrou, larry, giampaolo.rodola |
2013-11-25 09:48:57 | christian.heimes | set | messageid: <1385372937.94.0.16541820117.issue19509@psf.upfronthosting.co.za> |
2013-11-25 09:48:57 | christian.heimes | link | issue19509 messages |
2013-11-25 09:48:57 | christian.heimes | create | |
|