Christian Heimes added the comment: The patches in the dependency tickets are using SNI. The problem is, a non-None server_hostname argument raises an error when OpenSSL doesn't support the feature.
Here is a demo patch for my idea. It makes it very easy to add hostname matching to existing code. All it takes is the "server_hostname" argument to wrap_socket() and a new property "check_hostname" for the SSLContext object. The rest is done in do_handshake(). ---------- Added file: http://bugs.python.org/file32881/sslctx_check_hostname.patch _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue19509> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com