asyncio: Add server_hostname as create_connection() argument, with secure default.

2025-10-31 13:41:24 +00:00 · 2013-11-01 14:16:54 -07:00 · 2013-11-01 14:16:54 -07:00 · 21c85a7124
commit 21c85a7124
parent 2b430b8720
4 changed files with 78 additions and 5 deletions
--- a/Lib/asyncio/selector_events.py
+++ b/Lib/asyncio/selector_events.py
@ -573,7 +573,7 @@ def __init__(self, loop, rawsock, protocol, sslcontext, waiter=None,
            'server_side': server_side,
            'do_handshake_on_connect': False,
        }
-        if server_hostname is not None and not server_side and ssl.HAS_SNI:
+        if server_hostname and not server_side and ssl.HAS_SNI:
            wrap_kwargs['server_hostname'] = server_hostname
        sslsock = sslcontext.wrap_socket(rawsock, **wrap_kwargs)

@ -619,7 +619,7 @@ def _on_handshake(self):

        # Verify hostname if requested.
        peercert = self._sock.getpeercert()
-        if (self._server_hostname is not None and
+        if (self._server_hostname and
            self._sslcontext.verify_mode != ssl.CERT_NONE):
            try:
                ssl.match_hostname(peercert, self._server_hostname)