From d99250631da38a50bd61ceac06aec0a4d9d3a0ce Mon Sep 17 00:00:00 2001
From: Michael Marshall <mmarshall@apache.org>
Date: Fri, 2 Jun 2023 00:06:06 -0500
Subject: [PATCH] [feat] PIP-273: Enable hostname verification by default

---
 pulsar/__init__.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pulsar/__init__.py b/pulsar/__init__.py
index dbf3d82..870ad10 100644
--- a/pulsar/__init__.py
+++ b/pulsar/__init__.py
@@ -391,7 +391,7 @@ def __init__(self, service_url,
                  use_tls=False,
                  tls_trust_certs_file_path=None,
                  tls_allow_insecure_connection=False,
-                 tls_validate_hostname=False,
+                 tls_validate_hostname=True,
                  logger=None,
                  connection_timeout_ms=10000,
                  listener_name=None
@@ -432,7 +432,7 @@ def __init__(self, service_url,
             Set the path to the trusted TLS certificate file. If empty defaults to certifi.
         tls_allow_insecure_connection: bool, default=False
             Configure whether the Pulsar client accepts untrusted TLS certificates from the broker.
-        tls_validate_hostname: bool, default=False
+        tls_validate_hostname: bool, default=True
             Configure whether the Pulsar client validates that the hostname of the endpoint,
             matches the common name on the TLS certificate presented by the endpoint.
         logger: optional