[QPID-7258] [Python Client for AMQP 0-8...0-9-1] Perform hostname verification of ssl/tls connections - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: qpid-python-1.35.0
Component/s: Python Client
Labels:
None

Description

Currently, the Python client for AMQP 0-8...0-9-1 does not perform hostname verification of tls connections. this opens the possibility of Man-in-the-Middle attacks.

We should enhance the client to have this ability, make it configurable and turn the feature on by default.
It should respect hostnames from both CN and SANs, and support wildcards.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

0001-QPID-7258-Python-Client-for-AMQP-0-8.0-9-1-Perform-h.patch
11/May/16 14:01
6 kB
Lorenz Quack

Issue Links

is related to

QPID-7254 [Python Client] Perform SSL hostname verification

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Lorenz Quack

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 11/May/16 13:56

Updated:: 23/Dec/16 16:30

Resolved:: 13/May/16 08:18