Closed igor-mendix closed 2 months ago
Is there any easy workaround for this? This is a problem running sslyze 5.2.0 on the latest Debian stable (12 aka Bookworm).
from sslyze.plugins.certificate_info._cert_chain_analyzer import (
File "/usr/lib/python3.12/site-packages/sslyze/plugins/certificate_info/_cert_chain_analyzer.py", line 3, in <module>
from ssl import CertificateError, match_hostname
ImportError: cannot import name 'match_hostname' from 'ssl' (/usr/lib/python3.12/ssl.py)
sslyze fails to start with python3_12. Please fix
a potential "quick" workaround is to use "https://pypi.org/project/backports.ssl_match_hostname/", but I'm not sure. And it's like going backwards
there was the same issue in other project and I'd say there is a good solution: https://github.com/aiortc/aioquic/issues/368
tl;dr
This might get solved by https://github.com/nabla-c0d3/sslyze/issues/638
Fixed in v6.0.0.
ssl.match_hostname()
function used here: https://github.com/nabla-c0d3/sslyze/blob/49380c1c2b1d1b521ffd4314fc52ea3927afd599/sslyze/plugins/certificate_info/_cert_chain_analyzer.py#L296 is deprecated since Python 3.7, and is already absent in 3.12.