Problem
In upstream core/interceptor.py, TLSContextFactory.client_context() still sets:
check_hostname = False
verify_mode = ssl.CERT_NONE
This means upstream TLS connections are not authenticated and are vulnerable to MITM on the upstream leg.
Location
core/interceptor.py around lines 560-563 on current main
Impact
- Silent acceptance of invalid/untrusted certificates
- Loss of server identity guarantees
Proposed fix
Use a verified client context by default (for example ssl.create_default_context(ssl.Purpose.SERVER_AUTH)) with hostname verification enabled.
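For comparison, an added example (not the project's code; the class layout and the optional cafile parameter are assumptions) that puts the reported weak context beside the verified one and includes a small audit helper a test suite could use to catch a regression:

```python
import ssl

# Added example, not the project's own code: a minimal TLSContextFactory that
# reproduces the reported weak upstream context next to the proposed verified
# one. Class and method names are assumed; the real core/interceptor.py may differ.


class TLSContextFactory:
    def __init__(self, cafile=None):
        # Optional path to a CA bundle for upstream servers (assumed parameter);
        # None falls back to the system trust store.
        self.cafile = cafile

    def insecure_client_context(self):
        # The reported configuration: no chain validation, no hostname check.
        ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
        # Order matters: check_hostname must be disabled before verify_mode can
        # be set to CERT_NONE, otherwise Python raises ValueError.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        return ctx

    def client_context(self):
        # Proposed fix: the default SERVER_AUTH context already enforces
        # CERT_REQUIRED and hostname verification, so nothing is relaxed here.
        ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH,
                                         cafile=self.cafile)
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
        return ctx


def context_authenticates_server(ctx):
    """True only if the context validates both the chain and the hostname."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


if __name__ == "__main__":
    factory = TLSContextFactory()
    print("weak:    ", context_authenticates_server(factory.insecure_client_context()))
    print("verified:", context_authenticates_server(factory.client_context()))
```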
Existing work
A PR with this fix is already open: #7