Hi - I am using M2Crypto 0.20.2 and python 2.4.3. I connect to the server with the fully qualified domain name. The common name in the server certificate does not use the FQDN so I get this error:
M2Crypto.SSL.Checker.WrongHost: Peer certificate commonName does not match host
How do I override the post connection check of the host name?
Thanks!
Setting SSL.Connection.clientPostConnectionCheck = None does bypass the WrongHost check, but it also bypasses many other checks that you probably don't want to bypass (such as checking if there is any certificate at all). I would recommend using a try/except combo to catch the WrongHost because there isn't really anything else that is checked or performed before the end of the connect function.
In other words, nothing is left undone (as far as I can see in the source) by just catching this exception, and therefore I say that it is a better route than using
SSL.Connection.clientPostConnectionCheck = None
which gets rid of a lot of other valuable checks.
As far as the error when making the xmlrpc call, I can't say for sure without knowing what the error is. I'm guessing that it is the ProtocolError exception and if that is the case you can just edit m2xmlrpclib.py to not raise an exception with the errcode that is listed in the ProtocolError exception you are getting.