Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-11-01 06:01:29 +00:00
Code Issues Projects Releases Packages Wiki Activity

asyncio: Add server_hostname as create_connection() argument, with secure default.

Browse source
This commit is contained in:
Guido van Rossum 2013-11-01 14:16:54 -07:00
parent 2b430b8720
commit 21c85a7124
4 changed files with 78 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

23
Lib/asyncio/base_events.py
View file

@ -275,8 +275,27 @@ def getnameinfo(self, sockaddr, flags=0):
@tasks.coroutine
def create_connection(self, protocol_factory, host=None, port=None, *,
ssl=None, family=0, proto=0, flags=0, sock=None,
local_addr=None):
local_addr=None, server_hostname=None):
"""XXX"""
if server_hostname is not None and not ssl:
raise ValueError('server_hostname is only meaningful with ssl')
if server_hostname is None and ssl:
# Use host as default for server_hostname. It is an error
# if host is empty or not set, e.g. when an
# already-connected socket was passed or when only a port
# is given. To avoid this error, you can pass
# server_hostname='' -- this will bypass the hostname
# check. (This also means that if host is a numeric
# IP/IPv6 address, we will attempt to verify that exact
# address; this will probably fail, but it is possible to
# create a certificate for a specific IP address, so we
# don't judge it here.)
if not host:
raise ValueError('You must set server_hostname '
'when using ssl without a host')
server_hostname = host
if host is not None or port is not None:
if sock is not None:
raise ValueError(
@ -357,7 +376,7 @@ def create_connection(self, protocol_factory, host=None, port=None, *,
sslcontext = None if isinstance(ssl, bool) else ssl
transport = self._make_ssl_transport(
sock, protocol, sslcontext, waiter,
server_side=False, server_hostname=host)
server_side=False, server_hostname=server_hostname)
else:
transport = self._make_socket_transport(sock, protocol, waiter)