This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author njs
Recipients christian.heimes, njs
Date 2018-02-26.09:43:20
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1519638200.62.0.467229070634.issue30141@psf.upfronthosting.co.za>
In-reply-to
Content
I agree that backporting X509_VERIFY_PARAM_set1_host is unreasonable, at least until the openssl ecosystem has moved forward a bit. But in earlier versions, would it be easy to detect that do_handshake() hasn't been called and raise an error?

The docs say you have to call do_handshake(), so if you don't that's already a bug and breaking that case should be OK, especially since it's never worked correctly.

I'm not very stressed about this myself because my code doesn't trigger the error -- only buggy code does :-). But it would be nice if the buggy code could fail closed.
History
Date User Action Args
2018-02-26 09:43:20njssetrecipients: + njs, christian.heimes
2018-02-26 09:43:20njssetmessageid: <1519638200.62.0.467229070634.issue30141@psf.upfronthosting.co.za>
2018-02-26 09:43:20njslinkissue30141 messages
2018-02-26 09:43:20njscreate