[issue17980] ssl.match_hostname() trips over crafted wildcard names

Antoine Pitrou added the comment: Does the RFC say anything about this? How much wildcards are necessary to take up a significant amount of CPU time? -- nosy: +pitrou ___ Python tracker ___

[issue17980] ssl.match_hostname() trips over crafted wildcard names

New submission from Florian Weimer: If the name in the certificate contains many "*" characters, matching the compiled regular expression against the host name can take a very long time. Certificate validation happens before host name checking, so I think this is a minor issue only because it