[
https://issues.apache.org/jira/browse/THRIFT-3240?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14623320#comment-14623320
]
Mubashir Kazia commented on THRIFT-3240:
----------------------------------------
The attached patched contains code from Python library. It tries to detect if
the function is available in the Python distribution and uses the function from
the distribution otherwise it uses the code included in the patch.
> Thrift Python client should support subjectAltName and wildcard certs in
> TSSLSocket
> -----------------------------------------------------------------------------------
>
> Key: THRIFT-3240
> URL: https://issues.apache.org/jira/browse/THRIFT-3240
> Project: Thrift
> Issue Type: Improvement
> Components: Python - Library
> Affects Versions: 0.9.2
> Reporter: Mubashir Kazia
> Labels: easyfix, patch, security
> Fix For: 0.9.3
>
> Attachments: THRIFT-3240.1.patch
>
>
> The TSSLSocket in Python Library does not support subjectAltName or wildcard
> certs. It fails to validate valid certs. Currently it only validates if the
> CN in Subject of the Server Cert matches the hostname we are trying to
> connect.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
