[issue31997] SSL lib does not handle trailing dot (period) in hostname or certificate
Christian Heimes
report at bugs.python.org
Fri Nov 10 02:11:26 EST 2017
Christian Heimes <lists at cheimes.de> added the comment:
In the future Python will no longer use its own hostname verification code. Instead we are going to rely on OpenSSL to verify the hostname for us. A trailing dot also affects SNI. How do OpenSSL's functions SSL_set_tlsext_host_name() and X509_VERIFY_PARAM_set1_host() deal with a trailing dot?
How do TLS servers such as Apache mod_ssl, Apache mod_nss, nginx, Go's TLS server, ... deal with trailing dot in SNI?
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue31997>
_______________________________________
More information about the Python-bugs-list
mailing list