[issue5639] Support TLS SNI extension in ssl module
Antoine Pitrou
report at bugs.python.org
Sat May 22 22:17:18 CEST 2010
Antoine Pitrou <pitrou at free.fr> added the comment:
The patch probably needs refreshing now that first SSL contexts are in.
I wonder whether a combined boolean/string flag is really the best solution.
I think we could instead enable SNI by default and add an optional "server_hostname" to set the hostname to SSLContext.wrap_socket(), so that people can explicitly set the hostname; and otherwise take it, if possible, from the argument given to connect().
We can also add an "enable_sni" attribute to SSLContext (True by default) to allow selective disabling. This attribute would raise an exception if SNI support isn't available, which would be a way to test for it.
----------
nosy: +giampaolo.rodola
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue5639>
_______________________________________
More information about the Python-bugs-list
mailing list