From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Date: Sat, 27 Mar 2021 14:29:50 +0000 (-0700)
Subject: bpo-39616: clarify SSLContext.check_hostname effect (GH-18484)
X-Git-Tag: v3.8.9~19
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9de6451558c38537b2335d6e04e3bf8743c30576;p=thirdparty%2FPython%2Fcpython.git

bpo-39616: clarify SSLContext.check_hostname effect (GH-18484)


It doesn't actually affect whether match_hostname() is called (it
never is in this context any longer), but whether hostname
verification occurs in the first place.
(cherry picked from commit 9798cef92b882cd82a338d3368eaf3c4a32f5c2d)

Co-authored-by: Ville Skyttä <ville.skytta@iki.fi>
---

diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst
index 04523e914072..24b46ca1c7dc 100644
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@@ -1878,7 +1878,7 @@ to speed up repeated connections from the same clients.
 
 .. attribute:: SSLContext.check_hostname
 
-   Whether to match the peer cert's hostname with :func:`match_hostname` in
+   Whether to match the peer cert's hostname in
    :meth:`SSLSocket.do_handshake`. The context's
    :attr:`~SSLContext.verify_mode` must be set to :data:`CERT_OPTIONAL` or
    :data:`CERT_REQUIRED`, and you must pass *server_hostname* to