diff options
| author | Christian Heimes <christian@cheimes.de> | 2013-12-04 20:46:20 +0100 |
|---|---|---|
| committer | Christian Heimes <christian@cheimes.de> | 2013-12-04 20:46:20 +0100 |
| commit | 1da3ba8697b3b72f6a1c2d22f7920977d59d661d (patch) | |
| tree | e153953553e45a49830079e1488f959b38c74bbc | |
| parent | 31d83228c2c58d7882a742c1c297893c2508b925 (diff) | |
| download | cpython-git-1da3ba8697b3b72f6a1c2d22f7920977d59d661d.tar.gz | |
Issue #19509: Don't close the socket in do_handshake() when hostname verification fails.
| -rw-r--r-- | Lib/ssl.py | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/Lib/ssl.py b/Lib/ssl.py index 08b2df2fc1..052a118abb 100644 --- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -764,15 +764,10 @@ class SSLSocket(socket): self.settimeout(timeout) if self.context.check_hostname: - try: - if not self.server_hostname: - raise ValueError("check_hostname needs server_hostname " - "argument") - match_hostname(self.getpeercert(), self.server_hostname) - except Exception: - self.shutdown(_SHUT_RDWR) - self.close() - raise + if not self.server_hostname: + raise ValueError("check_hostname needs server_hostname " + "argument") + match_hostname(self.getpeercert(), self.server_hostname) def _real_connect(self, addr, connect_ex): if self.server_side: |