Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
set check_hostname attribute before setiing verify_mode.
- Loading branch information
Showing
1 changed file
with
3 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
b96a2e8
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, but I did it on purpose.
verify_mode
defaults toCERT_NONE
and settingcheck_hostname
to True before changing it will raise exception.b96a2e8
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ping @liris
b96a2e8
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
b96a2e8
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's right. But it is checked both ways:
verify_mode = CERT_NONE
checks forcheck_hostname == False
.check_hostname = True
checks forverify_mode != CERT_NONE
.Where by default
check_hostname = False
andverify_mode = CERT_NONE
.Case 1. is prevented by making sure that function param
check_hostname
is always False when cert_reqs is CERT_NONE (it's down below, at :150).To prevent case 2. we have to set
verify_mode
beforecheck_hostname
, otherwise this happens:IMHO it is badly thought out in the stdlib, but we have to live with this.
b96a2e8
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK.
578b57d to fix this.
b96a2e8
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems to be OK now, thanks.