diff options
Diffstat (limited to 'Doc')
| -rw-r--r-- | Doc/library/http.client.rst | 2 | ||||
| -rw-r--r-- | Doc/library/ssl.rst | 15 |
2 files changed, 12 insertions, 5 deletions
diff --git a/Doc/library/http.client.rst b/Doc/library/http.client.rst index f96ecc2..892e62f 100644 --- a/Doc/library/http.client.rst +++ b/Doc/library/http.client.rst @@ -169,8 +169,8 @@ The following exceptions are raised as appropriate: A subclass of :exc:`HTTPException`. Raised if a server responds with a HTTP status code that we don't understand. -The constants defined in this module are: +The constants defined in this module are: .. data:: HTTP_PORT diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index 59ebcd4..e86da5f 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -286,10 +286,10 @@ Certificate handling Verify that *cert* (in decoded format as returned by :meth:`SSLSocket.getpeercert`) matches the given *hostname*. The rules applied are those for checking the identity of HTTPS servers as outlined - in :rfc:`2818`, except that IP addresses are not currently supported. - In addition to HTTPS, this function should be suitable for checking the - identity of servers in various SSL-based protocols such as FTPS, IMAPS, - POPS and others. + in :rfc:`2818` and :rfc:`6125`, except that IP addresses are not currently + supported. In addition to HTTPS, this function should be suitable for + checking the identity of servers in various SSL-based protocols such as + FTPS, IMAPS, POPS and others. :exc:`CertificateError` is raised on failure. On success, the function returns nothing:: @@ -304,6 +304,13 @@ Certificate handling .. versionadded:: 3.2 + .. versionchanged:: 3.3.3 + The function now follows :rfc:`6125`, section 6.4.3 and does neither + match multiple wildcards (e.g. ``*.*.com`` or ``*a*.example.org``) nor + a wildcard inside an internationalized domain names (IDN) fragment. + IDN A-labels such as ``www*.xn--pthon-kva.org`` are still supported, + but ``x*.python.org`` no longer matches ``xn--tda.python.org``. + .. function:: cert_time_to_seconds(timestring) Returns a floating-point value containing a normal seconds-after-the-epoch |