[issue19507] ssl.wrap_socket() with server_hostname should imply match_hostname()
Christian Heimes
report at bugs.python.org
Tue Nov 5 23:47:30 CET 2013
New submission from Christian Heimes:
I find it surprising that wrap_socket() doesn't verify the server name with match_hostname() when it is called with a server_name argument. The check should be done by default.
I suggest:
- add validate_hostname=True flag to wrap_socket() and functions that call wrap_socket()
- add SSLSocket.match_hostname(hostname=None) to validate hostname with current cert. hostname shall default to server_hostname
----------
messages: 202244
nosy: christian.heimes, giampaolo.rodola, janssen, pitrou
priority: normal
severity: normal
stage: test needed
status: open
title: ssl.wrap_socket() with server_hostname should imply match_hostname()
type: enhancement
versions: Python 3.4
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue19507>
_______________________________________
More information about the Python-bugs-list
mailing list