Skip to content

Commit

Permalink
Include host in TLS setup
Browse files Browse the repository at this point in the history 
This enabled SNI, and allows it to check the certificate for the correct
host.
  • Loading branch information
@CendioOssman
CendioOssman committed Jul 30, 2024
1 parent f632fa0 commit b6c02b1
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
3 changes: 2 additions & 1 deletion websockify/websocket.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,8 @@ def connect(self, uri, origin=None, protocols=[]):

if uri.scheme in ("wss", "https"):
context = ssl.create_default_context()
self.socket = context.wrap_socket(self.socket)
self.socket = context.wrap_socket(self.socket,
server_hostname=uri.hostname)
self._state = "ssl_handshake"
else:
self._state = "headers"
Expand Down
2 changes: 1 addition & 1 deletion websockify/websockifyserver.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -471,7 +471,7 @@ def socket(host, port=None, connect=False, prefer_ipv6=False,
sock.connect(addrs[0][4])
if use_ssl:
context = ssl.create_default_context()
sock = context.wrap_socket(sock)
sock = context.wrap_socket(sock, server_hostname=host)
else:
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind(addrs[0][4])
Expand Down

0 comments on commit b6c02b1

Please sign in to comment.