This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author Alexander Todorov
Recipients Alexander Todorov
Date 2015-11-24.13:37:37
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
The latest file tries to validate hostnames vs certificates but includes a faulty regexp which causes any wildcard domains (e.g. * to fail validation. 

Steps to Reproduce:
>>> import ssl
>>> ssl._dnsname_match("*", "")

From Python's documentation:


    Used to indicate a set of characters. In a set:

        Special characters lose their special meaning inside sets. For example, [(+*)] will match any of the literal characters '(', '+', '*', or ')'.

^^^^^^^^^ this is the cause of the error

I've found this after an upgrade to RHEL 7.2 which contains the faulty code broke s3cmd for me. The result - one of my sites was outdated for a couple of days.

For more info and proposed patch see:

Note: As far as I can tell this affects upstream Python 2.7.10 and 3.5.0, however in the packages Red Hat distributes the code is different between 2 and 3 while upstream is more consistent.
Date User Action Args
2015-11-24 13:37:38Alexander Todorovsetrecipients: + Alexander Todorov
2015-11-24 13:37:38Alexander Todorovsetmessageid: <>
2015-11-24 13:37:37Alexander Todorovlinkissue25722 messages
2015-11-24 13:37:37Alexander Todorovcreate