summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChristian Heimes <christian@cheimes.de>2013-12-02 19:59:28 (GMT)
committerChristian Heimes <christian@cheimes.de>2013-12-02 19:59:28 (GMT)
commita02c69a73b11b94adcd4e62316c835e856d6948b (patch)
treef15dcbc114eac80784c1ceb8aba727553276f5e6
parenta5768f729273b3e2f1464eeb348e16ff4c25df77 (diff)
downloadcpython-a02c69a73b11b94adcd4e62316c835e856d6948b.zip
cpython-a02c69a73b11b94adcd4e62316c835e856d6948b.tar.gz
cpython-a02c69a73b11b94adcd4e62316c835e856d6948b.tar.bz2
add check_hostname arg to ssl._create_stdlib_context()
-rw-r--r--Lib/ssl.py3
-rw-r--r--Lib/test/test_ssl.py4
2 files changed, 5 insertions, 2 deletions
diff --git a/Lib/ssl.py b/Lib/ssl.py
index 4c155ea..08b2df2 100644
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -405,7 +405,7 @@ def create_default_context(purpose=Purpose.SERVER_AUTH, *, cafile=None,
def _create_stdlib_context(protocol=PROTOCOL_SSLv23, *, cert_reqs=None,
- purpose=Purpose.SERVER_AUTH,
+ check_hostname=False, purpose=Purpose.SERVER_AUTH,
certfile=None, keyfile=None,
cafile=None, capath=None, cadata=None):
"""Create a SSLContext object for Python stdlib modules
@@ -424,6 +424,7 @@ def _create_stdlib_context(protocol=PROTOCOL_SSLv23, *, cert_reqs=None,
if cert_reqs is not None:
context.verify_mode = cert_reqs
+ context.check_hostname = check_hostname
if keyfile and not certfile:
raise ValueError("certfile must be specified")
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index ed263c3..4da31e1 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1032,9 +1032,11 @@ class ContextTests(unittest.TestCase):
self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)
ctx = ssl._create_stdlib_context(ssl.PROTOCOL_TLSv1,
- cert_reqs=ssl.CERT_REQUIRED)
+ cert_reqs=ssl.CERT_REQUIRED,
+ check_hostname=True)
self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)
+ self.assertTrue(ctx.check_hostname)
self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)
ctx = ssl._create_stdlib_context(purpose=ssl.Purpose.CLIENT_AUTH)