diff options
author | Christian Heimes <christian@cheimes.de> | 2013-12-02 19:59:28 (GMT) |
---|---|---|
committer | Christian Heimes <christian@cheimes.de> | 2013-12-02 19:59:28 (GMT) |
commit | a02c69a73b11b94adcd4e62316c835e856d6948b (patch) | |
tree | f15dcbc114eac80784c1ceb8aba727553276f5e6 | |
parent | a5768f729273b3e2f1464eeb348e16ff4c25df77 (diff) | |
download | cpython-a02c69a73b11b94adcd4e62316c835e856d6948b.zip cpython-a02c69a73b11b94adcd4e62316c835e856d6948b.tar.gz cpython-a02c69a73b11b94adcd4e62316c835e856d6948b.tar.bz2 |
add check_hostname arg to ssl._create_stdlib_context()
-rw-r--r-- | Lib/ssl.py | 3 | ||||
-rw-r--r-- | Lib/test/test_ssl.py | 4 |
2 files changed, 5 insertions, 2 deletions
@@ -405,7 +405,7 @@ def create_default_context(purpose=Purpose.SERVER_AUTH, *, cafile=None, def _create_stdlib_context(protocol=PROTOCOL_SSLv23, *, cert_reqs=None, - purpose=Purpose.SERVER_AUTH, + check_hostname=False, purpose=Purpose.SERVER_AUTH, certfile=None, keyfile=None, cafile=None, capath=None, cadata=None): """Create a SSLContext object for Python stdlib modules @@ -424,6 +424,7 @@ def _create_stdlib_context(protocol=PROTOCOL_SSLv23, *, cert_reqs=None, if cert_reqs is not None: context.verify_mode = cert_reqs + context.check_hostname = check_hostname if keyfile and not certfile: raise ValueError("certfile must be specified") diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index ed263c3..4da31e1 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -1032,9 +1032,11 @@ class ContextTests(unittest.TestCase): self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) ctx = ssl._create_stdlib_context(ssl.PROTOCOL_TLSv1, - cert_reqs=ssl.CERT_REQUIRED) + cert_reqs=ssl.CERT_REQUIRED, + check_hostname=True) self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1) self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED) + self.assertTrue(ctx.check_hostname) self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) ctx = ssl._create_stdlib_context(purpose=ssl.Purpose.CLIENT_AUTH) |