Lib/test/test_ssl.py · 9bb8cebdce99db7e7a94f15141a8e0514b51aa72 · Batuhan Osman TASKAYA / cpython

[3.7] bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229) (GH-6230) · 2dd885ea

Miss Islington (bot) Mar 25, 2018 yazdı

Harden ssl module against LibreSSL CVE-2018-8970.
X509_VERIFY_PARAM_set1_host() is called with an explicit namelen. A new test
ensures that NULL bytes are not allowed.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit d02ac25a)
Co-authored-by: Christian Heimes <christian@python.org>

2dd885ea

test_ssl.py 174 KB

Replace test_ssl.py