Skip to content

Commit

Permalink
Don't use legacy ssl hostname validation for python >= 3.12
Browse files Browse the repository at this point in the history
  • Loading branch information
Susanne Lindgren authored and Jens-G committed Nov 20, 2024
1 parent 0f02753 commit 23e0e5c
Showing 1 changed file with 9 additions and 2 deletions.
11 changes: 9 additions & 2 deletions lib/py/src/transport/sslcompat.py
Original file line number Diff line number Diff line change
Expand Up @@ -92,8 +92,15 @@ def _optional_dependencies():
logger.debug('ssl.match_hostname is available')
match = match_hostname
except ImportError:
logger.warning('using legacy validation callback')
match = legacy_validate_callback
# https://docs.python.org/3/whatsnew/3.12.html:
# "Remove the ssl.match_hostname() function. It was deprecated in Python
# 3.7. OpenSSL performs hostname matching since Python 3.7, Python no
# longer uses the ssl.match_hostname() function.""
if sys.version_info[0] > 3 or (sys.version_info[0] == 3 and sys.version_info[1] >= 12):
match = lambda cert, hostname: True
else:
logger.warning('using legacy validation callback')
match = legacy_validate_callback
return ipaddr, match


Expand Down

0 comments on commit 23e0e5c

Please sign in to comment.