remote should not overwrite server_hostname

Gallopsled / pwntools

CTF framework and exploit development library

http://pwntools.com

Other

12.01k stars 1.71k forks source link

Open MrQubo opened 3 months ago

MrQubo commented 3 months ago

import ssl
from pwn import *

io = remote('172.22.0.2', 9090, ssl=True, ssl_args={ 'server_hostname': 'example.com' })
...

In the above code server_hostname will be overwritten with '172.22.0.2'.

Arusekk commented 3 months ago

You can change assignments to setdefault probably.

MrQubo commented 3 months ago

Should I create PR to dev or stable?

MrQubo commented 3 months ago

I think we should jest error if 'server_hostname' is set in ssl_args and sni is not False.