[issue1589] New SSL module doesn't seem to verify hostname against commonName in certificate
Heikki Toivonen
report at bugs.python.org
Tue Aug 19 05:21:11 CEST 2008
Heikki Toivonen <hjtoi-bugzilla at comcast.net> added the comment:
I would definitely recommend providing as strict as possible hostname
verification in the stdlib, but provide application developers a way to
override that.
M2Crypto (and TLS Lite, from which I copied the approach to M2Crypto),
provide a default post connection checker. See
http://svn.osafoundation.org/m2crypto/trunk/M2Crypto/SSL/Connection.py
and the set_post_connection_check_callback() as well as
http://svn.osafoundation.org/m2crypto/trunk/M2Crypto/SSL/Checker.py.
----------
nosy: +heikki
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue1589>
_______________________________________
More information about the Python-bugs-list
mailing list