This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author dstufft
Recipients Dima.Tisnek, Dolf.Andringa, dstufft, exarkun, giampaolo.rodola, grooverdan, janssen, jcea, markk, mnot, ncoghlan, pdp, pitrou, sag47, scott.tsai
Date 2014-03-20.03:30:46
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1395286247.23.0.0132484742184.issue5639@psf.upfronthosting.co.za>
In-reply-to
Content
To be clear, to get SNI with requests on 2.x you need requests, pyopenssl, ndg-httpsclient, and pyasn1 (which also pulls in cryptography, six, cffi, and pycparser). So that's 8 dependencies to get SNI on Python 2.x.

At least it's doable but it's kind of really unfriendly :/ Also the error message you get when you need SNI and it's not available is basically the most obtuse thing ever. You get told that the SSL verification failed for <some other domain> that isn't what you asked for but when you go to it in your Browser it'll all work kosher with no indication it was using SNI.

It's generally a good idea to install those extra things anyways because the SSL lib on Python 2.7 has other actual security issues which those address (IIRC it still has TLS compression on, I think it's default cipher list is rather poor, doesn't support TLS 1.2, etc).
History
Date User Action Args
2014-03-20 03:30:47dstufftsetrecipients: + dstufft, jcea, exarkun, ncoghlan, janssen, pitrou, mnot, giampaolo.rodola, scott.tsai, pdp, grooverdan, Dolf.Andringa, Dima.Tisnek, markk, sag47
2014-03-20 03:30:47dstufftsetmessageid: <1395286247.23.0.0132484742184.issue5639@psf.upfronthosting.co.za>
2014-03-20 03:30:47dstufftlinkissue5639 messages
2014-03-20 03:30:46dstufftcreate