bpo-36868: Fix what's new for SSLContext.hostname_checks_common_name (GH-13248)

What's new now mentions SSLContext.hostname_checks_common_name instead of SSLContext.host_flags.

https://bugs.python.org/issue36868
(cherry picked from commit 47eb2234061524562a4b484e3a395f4fdd6c1b76)

Co-authored-by: Christian Heimes <christian@python.org>

diff --git a/Doc/whatsnew/3.7.rst b/Doc/whatsnew/3.7.rst
index e8572ec0b4922fd230293aa1619782c3cc80ac2e..e78af225d3857c032a6ff4db57d242b722b10b7f 100644 (file)
--- a/Doc/whatsnew/3.7.rst
+++ b/Doc/whatsnew/3.7.rst
@@ -1307,7 +1307,7 @@ including failing the host name check now raises
 :exc:`~ssl.SSLCertVerificationError` and aborts the handshake with a proper
 TLS Alert message.  The new exception contains additional information.
 Host name validation can be customized with
-:attr:`SSLContext.host_flags <ssl.SSLContext.host_flags>`.
+:attr:`SSLContext.hostname_checks_common_name <ssl.SSLContext.hostname_checks_common_name>`.
 (Contributed by Christian Heimes in :issue:`31399`.)
 
 .. note::
@@ -1320,8 +1320,7 @@ The ``ssl`` module no longer sends IP addresses in SNI TLS extension.
 (Contributed by Christian Heimes in :issue:`32185`.)
 
 :func:`~ssl.match_hostname` no longer supports partial wildcards like
-``www*.example.org``. :attr:`SSLContext.host_flags <ssl.SSLContext.host_flags>`
-has partial wildcard matching disabled by default.
+``www*.example.org``.
 (Contributed by Mandeep Singh in :issue:`23033` and Christian Heimes in
 :issue:`31399`.)
 

diff --git a/Misc/NEWS.d/next/Documentation/2019-05-11-17-42-15.bpo-36868.yioL0R.rst b/Misc/NEWS.d/next/Documentation/2019-05-11-17-42-15.bpo-36868.yioL0R.rst
new file mode 100644 (file)
index 0000000..ad9ed5b
--- /dev/null
+++ b/Misc/NEWS.d/next/Documentation/2019-05-11-17-42-15.bpo-36868.yioL0R.rst
@@ -0,0 +1,2 @@
+What's new now mentions SSLContext.hostname_checks_common_name instead of
+SSLContext.host_flags.