This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author gigaplastik
Recipients SilentGhost, barry, gigaplastik, labrat, r.david.murray
Date 2016-03-03.08:50:53
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1456995054.99.0.221422557222.issue25852@psf.upfronthosting.co.za>
In-reply-to
Content 
Found the same issue independently, but I believe my version of the patch is a little more thoughtful. Since the host is allowed to be supplied in 'hostname:port' format the assignment to ._host should be made _after_ checking (and probably parsing) this format.

The reason for this is that ._host is passed to ssl.SSLContext.wrap_socket method where it is used for SNI, defined in [1]. According to this RFC, "[c]urrently, the only server names supported are DNS hostnames; ... Literal IPv4 and IPv6 addresses are not permitted in [HostName]."

Checking if hostname passed is really a DNS name and not an IP address is up to ssl library, but here, in .connect method, at least the port number should be stripped off.

[1] https://tools.ietf.org/html/rfc4366.html
History
Date User Action Args
2016-03-03 08:50:55gigaplastiksetrecipients: + gigaplastik, barry, r.david.murray, SilentGhost, labrat
2016-03-03 08:50:55gigaplastiksetmessageid: <1456995054.99.0.221422557222.issue25852@psf.upfronthosting.co.za>
2016-03-03 08:50:54gigaplastiklinkissue25852 messages
2016-03-03 08:50:54gigaplastikcreate