From: Christian Heimes <christian@cheimes.de>
Date: Wed, 4 Dec 2013 19:46:20 +0000 (+0100)
Subject: Issue #19509: Don't close the socket in do_handshake() when hostname verification... 
X-Git-Tag: v3.4.0b2~344
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=1da3ba8697b3b72f6a1c2d22f7920977d59d661d;p=thirdparty%2FPython%2Fcpython.git

Issue #19509: Don't close the socket in do_handshake() when hostname verification fails.
---

diff --git a/Lib/ssl.py b/Lib/ssl.py
index 08b2df2fc197..052a118abb4a 100644
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -764,15 +764,10 @@ class SSLSocket(socket):
             self.settimeout(timeout)
 
         if self.context.check_hostname:
-            try:
-                if not self.server_hostname:
-                    raise ValueError("check_hostname needs server_hostname "
-                                     "argument")
-                match_hostname(self.getpeercert(), self.server_hostname)
-            except Exception:
-                self.shutdown(_SHUT_RDWR)
-                self.close()
-                raise
+            if not self.server_hostname:
+                raise ValueError("check_hostname needs server_hostname "
+                                 "argument")
+            match_hostname(self.getpeercert(), self.server_hostname)
 
     def _real_connect(self, addr, connect_ex):
         if self.server_side: