[issue17997] ssl.match_hostname(): sub string wildcard should not match IDNA prefix
Antoine Pitrou
report at bugs.python.org
Sat May 18 16:10:30 CEST 2013
Antoine Pitrou added the comment:
Actually, I don't this is a bug: match_hostname() expects str data, and therefore IDNA-decoded domain names:
>>> b"xn--gtter-jua.example.de".decode("idna")
'götter.example.de'
Doing the matching on the decoded domain name should be safe.
Then it very much depends on whether the data you've got was IDNA-decoded, or naïvely ASCII-decoded, and I don't think the Python stdlib is very consistent here. Looking at the socket module, gethostbyaddr and getnameinfo seem to use ASCII decoding...
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17997>
_______________________________________
More information about the Python-bugs-list
mailing list