Message261151
Found the same issue independently, but I believe my version of the patch is a little more thoughtful. Since the host is allowed to be supplied in 'hostname:port' format the assignment to ._host should be made _after_ checking (and probably parsing) this format.
The reason for this is that ._host is passed to ssl.SSLContext.wrap_socket method where it is used for SNI, defined in [1]. According to this RFC, "[c]urrently, the only server names supported are DNS hostnames; ... Literal IPv4 and IPv6 addresses are not permitted in [HostName]."
Checking if hostname passed is really a DNS name and not an IP address is up to ssl library, but here, in .connect method, at least the port number should be stripped off.
[1] https://tools.ietf.org/html/rfc4366.html |
|
Date |
User |
Action |
Args |
2016-03-03 08:50:55 | gigaplastik | set | recipients:
+ gigaplastik, barry, r.david.murray, SilentGhost, labrat |
2016-03-03 08:50:55 | gigaplastik | set | messageid: <1456995054.99.0.221422557222.issue25852@psf.upfronthosting.co.za> |
2016-03-03 08:50:54 | gigaplastik | link | issue25852 messages |
2016-03-03 08:50:54 | gigaplastik | create | |
|