Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-7258

[Python Client for AMQP 0-8...0-9-1] Perform hostname verification of ssl/tls connections

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: qpid-python-1.35.0
    • Component/s: Python Client
    • Labels:
      None

      Description

      Currently, the Python client for AMQP 0-8...0-9-1 does not perform hostname verification of tls connections. this opens the possibility of Man-in-the-Middle attacks.

      We should enhance the client to have this ability, make it configurable and turn the feature on by default.
      It should respect hostnames from both CN and SANs, and support wildcards.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                lorenz.quack Lorenz Quack
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: