Geert Jansen added the comment: > A question though: does it support server-side SNI? AFAIR server-side SNI > requires you to be able to change a SSL object's context.
Yes, it does. See the following comment in _servername_callback(): /* Pass a PySSLSocket instance when using memory BIOs, but an ssl.SSLSocket * when using sockets. Note that the latter is not a subclass of the * former, but both do have a "context" property. THis supports the common * use case of setting this property in the servername callback. */ The C-level _ssl._SSLSocket object is passed to the servername callback. It has a "context" property that can be set. I realize the above is an abstraction violation between the C and Python level. Now that we have an SSLObject Python level API, I could update the code to store a weakref to the SSLObject in the _SSLSocket (just like it does for SSLSocket). That way I can pass the Python level object into the callback. Any thoughts? ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue21965> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
