Message231775
http.client.HTTPSConnection has both a check_hostname parameter, and a context parameter to pass an already setup SSL context.
When check_hostname is not set and thus is None, and when passing a SSL context set to NOT check hostnames, ie:
import http.client
import ssl
ssl_context = ssl.create_default_context()
ssl_context.check_hostname = False
https = http.client.HTTPSConnection(..., context=ssl_context)
The https object WILL check hostname.
In my opinion the line :
https://hg.python.org/cpython/file/3.4/Lib/http/client.py#l1207
will_verify = context.verify_mode != ssl.CERT_NONE
Should be changed to:
will_verify = (context.verify_mode != ssl.CERT_NONE) and (context.check_hostname) |
|
Date |
User |
Action |
Args |
2014-11-27 19:42:39 | desbma | set | recipients:
+ desbma |
2014-11-27 19:42:39 | desbma | set | messageid: <1417117359.84.0.965866100579.issue22959@psf.upfronthosting.co.za> |
2014-11-27 19:42:39 | desbma | link | issue22959 messages |
2014-11-27 19:42:39 | desbma | create | |
|