Author desbma
Recipients alex, benjamin.peterson, christian.heimes, desbma
Date 2014-11-30.11:51:52
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1417348312.54.0.0783341137031.issue22959@psf.upfronthosting.co.za>
In-reply-to
Content
I think it does, when passing a context with ssl_context.verify_mode != ss.CERT_NONE, and when not setting the check_hostname parameter: 
1. will_verify will be True (https://hg.python.org/cpython/file/3.4/Lib/http/client.py#l1207)
2. check_hostname will be True too (https://hg.python.org/cpython/file/3.4/Lib/http/client.py#l1209)
3. ssl.match_hostname will be called after the handshake in wrap_socket (https://hg.python.org/cpython/file/3.4/Lib/http/client.py#l1230)

The following code shows the problem:

import http.client
import ssl

ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
ssl_context.verify_mode = ssl.CERT_REQUIRED
ssl_context.check_hostname = False
https = http.client.HTTPSConnection("localhost", context=ssl_context)
print(https._check_hostname)
History
Date User Action Args
2014-11-30 11:51:52desbmasetrecipients: + desbma, christian.heimes, benjamin.peterson, alex
2014-11-30 11:51:52desbmasetmessageid: <1417348312.54.0.0783341137031.issue22959@psf.upfronthosting.co.za>
2014-11-30 11:51:52desbmalinkissue22959 messages
2014-11-30 11:51:52desbmacreate