[issue32185] SSLContext.wrap_socket sends SNI Extension when server_hostname is IP

2018-04-14 Thread Steve Dower
Change by Steve Dower: -- pull_requests: +6174

2018-02-25 Thread Christian Heimes
Christian Heimes added the comment: The issue has been fixed in 2.7, 3.6-3.8 for OpenSSL >= 1.0.2 or platforms with inet_pton. I didn't bother to fix platforms without inet_pton since OpenSSL 1.0.1 and earlier are no longer supported anyway. -- resolution: -> fixed stage: patch review

2018-02-25 Thread Christian Heimes
Christian Heimes added the comment: New changeset a5c9112300ecd492ed6cc9759dc8028766401f61 by Christian Heimes (Miss Islington (bot)) in branch '2.7': [2.7] bpo-32185: Don't send IP in SNI TLS extension (GH-5865) (#5871) https://github.com/python/cpython/commit/a5c9112300ecd492ed6cc9759dc80287

2018-02-25 Thread miss-islington
Change by miss-islington: -- pull_requests: +5644

2018-02-25 Thread Christian Heimes
Christian Heimes added the comment: New changeset e9370a47389903bb72badc95032ec84a0ebbf8cc by Christian Heimes in branch '3.6': bpo-32185: Don't send IP in SNI TLS extension (#5865) https://github.com/python/cpython/commit/e9370a47389903bb72badc95032ec84a0ebbf8cc --

2018-02-24 Thread Christian Heimes
Change by Christian Heimes: -- pull_requests: +5639

2017-12-20 Thread Christian Heimes
Christian Heimes added the comment: PS: With OpenSSL >= 1.0.2, inet_pton() is not required.

2017-12-20 Thread Christian Heimes
Christian Heimes added the comment: The code works on all platforms with OpenSSL >= 1.0.2. OpenSSL 1.0.1, 0.9.8 and earlier are no longer supported by upstream. Anybody with even marginal interest in secure TLS/SSL should update. Python.org's Windows and macOS binaries are good. The inet_pto

2017-12-20 Thread Antoine Pitrou
Antoine Pitrou added the comment: By the way, Windows nowadays has inet_pton(): https://msdn.microsoft.com/en-us/library/windows/desktop/cc805844(v=vs.85).aspx Are there other platforms without it? inet_pton() is part of POSIX. -- nosy: +paul.moore, steve.dower, tim.golden, zach.ware

2017-12-20 Thread Antoine Pitrou
Antoine Pitrou added the comment: > There is no platform-compatible way to detect if a string is an IP address. Actually, you could use the ipaddress module. -- nosy: +pitrou

2017-12-20 Thread Christian Heimes
Change by Christian Heimes: -- keywords: +patch pull_requests: +4829

2017-12-20 Thread Christian Heimes
Change by Christian Heimes: -- keywords: +3.5regression stage: -> patch review type: -> behavior

2017-11-30 Thread Christian Heimes
Christian Heimes added the comment: Thanks! 3.4 and 3.5 are out of scope. They only receive security fixes. For 3.7 https://github.com/python/cpython/compare/master...tiran:openssl_check_hostname will take care of the issue. 2.7 and 3.6 are a bit tricky. There is no platform-compatible way t

2017-11-30 Thread Matt Davis
New submission from Matt Davis: The current implementation of SSLContext.wrap_socket blindly sends whatever is passed in server_hostname in the SNI extension, assuming it's a DNS hostname. RFC6066 describes the SNI TLS extension, and specifically states that 'Literal IPv4 and IPv6 addresses a