Message 231893 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	benjamin.peterson
Recipients	alex, benjamin.peterson, christian.heimes, desbma
Date	2014-11-30.16:38:40
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1417365518.1296289.196969637.3DF5FE04@webmail.messagingengine.com>
In-reply-to	<1417364453.35.0.422816280264.issue22959@psf.upfronthosting.co.za>

Content
On Sun, Nov 30, 2014, at 11:20, Alex Gaynor wrote: > > Alex Gaynor added the comment: > > This will cause it to not validate in some cases where it currently is > validating? That seems like a regression to me. I suppose. Certainly, none of the "default" cases are affected. The problem is it's impossible to have cert validation w/o hostname checking by passing a context to some higher level API than HTTPSConnection (like xmlrpclib) because HTTPSConnection tries to be clever. Ideally, the check_hostname argument wouldn't exist, and everything would come from the context.

On Sun, Nov 30, 2014, at 11:20, Alex Gaynor wrote:
> 
> Alex Gaynor added the comment:
> 
> This will cause it to not validate in some cases where it currently is
> validating? That seems like a regression to me.

I suppose. Certainly, none of the "default" cases are affected. The
problem is it's impossible to have cert validation w/o hostname checking
by passing a context to some higher level API than HTTPSConnection (like
xmlrpclib) because HTTPSConnection tries to be clever. Ideally, the
check_hostname argument wouldn't exist, and everything would come from
the context.

History
Date	User	Action	Args
2014-11-30 16:38:40	benjamin.peterson	set	recipients: + benjamin.peterson, christian.heimes, alex, desbma
2014-11-30 16:38:40	benjamin.peterson	link	issue22959 messages
2014-11-30 16:38:40	benjamin.peterson	create