From e1043173d712a61b5c09b668947f5aad559f8b1a Mon Sep 17 00:00:00 2001
From: Sheldon Klassen <shelklas@gmail.com>
Date: Mon, 24 Apr 2023 09:06:57 -0400
Subject: [PATCH] Disabled hostname and certificate validation for TLSv1.3
 support. (#5395)

---
 lib/request/httpshandler.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/request/httpshandler.py b/lib/request/httpshandler.py
index 05e1ccf8b..03c4079dc 100644
--- a/lib/request/httpshandler.py
+++ b/lib/request/httpshandler.py
@@ -69,6 +69,11 @@ class HTTPSConnection(_http_client.HTTPSConnection):
                     sock = create_sock()
                     if protocol not in _contexts:
                         _contexts[protocol] = ssl.SSLContext(protocol)
+
+                        # Disable certificate and hostname validation enabled by default with PROTOCOL_TLS_CLIENT
+                        _contexts[protocol].check_hostname = False
+                        _contexts[protocol].verify_mode = ssl.CERT_NONE
+
                         if getattr(self, "cert_file", None) and getattr(self, "key_file", None):
                             _contexts[protocol].load_cert_chain(certfile=self.cert_file, keyfile=self.key_file)
                         try: