diff options
| author | Jason R. Coombs <jaraco@jaraco.com> | 2014-09-29 21:14:51 -0400 |
|---|---|---|
| committer | Jason R. Coombs <jaraco@jaraco.com> | 2014-09-29 21:14:51 -0400 |
| commit | 459fa2041143a2ee9a221b21191d5dfc5d444ebd (patch) | |
| tree | 10a62f8bca69d5b035079d764e494f50701eee15 /setuptools/ssl_support.py | |
| parent | 2d6594b74de045821a7dbb4dd88b46a51af312e4 (diff) | |
| parent | fad1cf2b4cec5fc9b48608ef4c34c2713842e2e0 (diff) | |
| download | python-setuptools-bitbucket-459fa2041143a2ee9a221b21191d5dfc5d444ebd.tar.gz | |
Merge with 6.0.2
Diffstat (limited to 'setuptools/ssl_support.py')
| -rw-r--r-- | setuptools/ssl_support.py | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/setuptools/ssl_support.py b/setuptools/ssl_support.py index b574f4b9..c618ea7c 100644 --- a/setuptools/ssl_support.py +++ b/setuptools/ssl_support.py @@ -173,12 +173,19 @@ class VerifyingHTTPSConn(HTTPSConnection): if hasattr(self, '_tunnel') and getattr(self, '_tunnel_host', None): self.sock = sock self._tunnel() + # http://bugs.python.org/issue7776: Python>=3.4.1 and >=2.7.7 + # change self.host to mean the proxy server host when tunneling is + # being used. Adapt, since we are interested in the destination + # host for the match_hostname() comparison. + actual_host = self._tunnel_host + else: + actual_host = self.host self.sock = ssl.wrap_socket( sock, cert_reqs=ssl.CERT_REQUIRED, ca_certs=self.ca_bundle ) try: - match_hostname(self.sock.getpeercert(), self.host) + match_hostname(self.sock.getpeercert(), actual_host) except CertificateError: self.sock.shutdown(socket.SHUT_RDWR) self.sock.close() |