Author pitrou
Recipients giampaolo.rodola, grooverdan, janssen, jcea, pdp, pitrou
Date 2010-05-22.20:17:15
SpamBayes Score 0.000162151
Marked as misclassified No
Message-id <1274559438.27.0.0300208370643.issue5639@psf.upfronthosting.co.za>
In-reply-to
Content
The patch probably needs refreshing now that first SSL contexts are in.

I wonder whether a combined boolean/string flag is really the best solution.

I think we could instead enable SNI by default and add an optional "server_hostname" to set the hostname to SSLContext.wrap_socket(), so that people can explicitly set the hostname; and otherwise take it, if possible, from the argument given to connect().

We can also add an "enable_sni" attribute to SSLContext (True by default) to allow selective disabling. This attribute would raise an exception if SNI support isn't available, which would be a way to test for it.
History
Date User Action Args
2010-05-22 20:17:18pitrousetrecipients: + pitrou, jcea, janssen, giampaolo.rodola, pdp, grooverdan
2010-05-22 20:17:18pitrousetmessageid: <1274559438.27.0.0300208370643.issue5639@psf.upfronthosting.co.za>
2010-05-22 20:17:16pitroulinkissue5639 messages
2010-05-22 20:17:15pitroucreate