Jim Fulton added the comment:

I'm not ignoring anything AFAICT.

There are applications where server hostname isn't useful (no virtual hosts, 
client has server's public key).

I'm not positive we're disagreeing, so let me put this another way.

1. If the given SSL context has check_hostname set to False,
   then ``create_connection`` should not not require a value for
   ``server_hostname``, regardless of the value of ``host``.

   Do you agree?

2. If the given SSL context has check_hostname set to True,
   then ``create_connection`` should not accept an empty string
   to disable hostname checks.

   Do you agree? I'm wondering is this is what you're referring to
   as a bug.

   Personally, this only bothers me from a TOOWTDI perspective.
   I can imagine (always a dangerous word :)) people wanting to 
   reuse an SSL context but disable host name checking. In any case,
   "fixing" this would likely be a breaking change.


Python tracker <rep...@bugs.python.org>
Python-bugs-list mailing list

Reply via email to