New submission from Christian Heimes: I find it surprising that wrap_socket() doesn't verify the server name with match_hostname() when it is called with a server_name argument. The check should be done by default.
I suggest: - add validate_hostname=True flag to wrap_socket() and functions that call wrap_socket() - add SSLSocket.match_hostname(hostname=None) to validate hostname with current cert. hostname shall default to server_hostname ---------- messages: 202244 nosy: christian.heimes, giampaolo.rodola, janssen, pitrou priority: normal severity: normal stage: test needed status: open title: ssl.wrap_socket() with server_hostname should imply match_hostname() type: enhancement versions: Python 3.4 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue19507> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
