subject:"\[issue40306\] Enhancement request for SSLContext \- flag to handle trailing dot in hostname"

[issue40306] Enhancement request for SSLContext - flag to handle trailing dot in hostname

2021-04-20 Thread Christian Heimes



Christian Heimes  added the comment:

OpenSSL feature request: https://github.com/openssl/openssl/issues/11560

--
versions: +Python 3.10 -Python 3.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue40306] Enhancement request for SSLContext - flag to handle trailing dot in hostname

2020-04-16 Thread Christian Heimes



Christian Heimes  added the comment:

I prefer not to interfere with hostname matching. Could you please open a 
feature request with OpenSSL and request a verification flag to ignore trailing 
dot? I'm happy to expose the feature if OpenSSL implements it.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue40306] Enhancement request for SSLContext - flag to handle trailing dot in hostname

2020-04-16 Thread bli2020



bli2020  added the comment:

sure, that sounds reasonable. I will open up a feature request with OpenSSL

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue40306] Enhancement request for SSLContext - flag to handle trailing dot in hostname

2020-04-16 Thread bli2020



New submission from bli2020 :

Issue31997 I know this issue was previously closed 
https://bugs.python.org/issue31997 because "it works as expected and should be 
handled in the application layer". But, could the team add a flag in SSLContext 
which will handle the trailing dot hostname appropriately (for the hostname 
check, since openssl does not support trailing dots in the hostname).

Previously in 2.7 and 3.6/before I was able to override ssl.match_hostname to 
add some extra checks, but now I am unable to do so because openssl is used 
instead. This extra flag/implementation would help solve this problem.

--
assignee: christian.heimes
components: SSL
messages: 366620
nosy: bli2020, christian.heimes
priority: normal
severity: normal
status: open
title: Enhancement request for SSLContext - flag to handle trailing dot in 
hostname
type: enhancement
versions: Python 3.7, Python 3.8, Python 3.9

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue40306] Enhancement request for SSLContext - flag to handle trailing dot in hostname

[issue40306] Enhancement request for SSLContext - flag to handle trailing dot in hostname

[issue40306] Enhancement request for SSLContext - flag to handle trailing dot in hostname

[issue40306] Enhancement request for SSLContext - flag to handle trailing dot in hostname

4 matches

Site Navigation

Mail list logo

Footer information