@@ -36,6 +36,8 @@ class HTTPSConnection(_http_client.HTTPSConnection):
3636 Connection class that enables usage of newer SSL protocols.
3737
3838 Reference: http://bugs.python.org/msg128686
39+
40+ NOTE: use https://check-tls.akamaized.net/ to check if (e.g.) TLS/SNI is working properly
3941 """
4042
4143 def __init__ (self , * args , ** kwargs ):
@@ -61,7 +63,7 @@ def create_sock():
6163
6264 # Reference(s): https://docs.python.org/2/library/ssl.html#ssl.SSLContext
6365 # https://www.mnot.net/blog/2014/12/27/python_2_and_tls_sni
64- if re .search (r"\A[\d.]+\Z" , conf . hostname or "" ) is None and kb .tlsSNI .get (conf . hostname ) is not False and hasattr (ssl , "SSLContext" ):
66+ if re .search (r"\A[\d.]+\Z" , self . host or "" ) is None and kb .tlsSNI .get (self . host ) is not False and hasattr (ssl , "SSLContext" ):
6567 for protocol in (_ for _ in _protocols if _ >= ssl .PROTOCOL_TLSv1 ):
6668 try :
6769 sock = create_sock ()
@@ -73,7 +75,7 @@ def create_sock():
7375 _contexts [protocol ].set_ciphers ("DEFAULT@SECLEVEL=1" )
7476 except ssl .SSLError :
7577 pass
76- result = _contexts [protocol ].wrap_socket (sock , do_handshake_on_connect = True , server_hostname = conf . hostname )
78+ result = _contexts [protocol ].wrap_socket (sock , do_handshake_on_connect = True , server_hostname = self . host )
7779 if result :
7880 success = True
7981 self .sock = result
@@ -86,8 +88,8 @@ def create_sock():
8688 self ._tunnel_host = None
8789 logger .debug ("SSL connection error occurred for '%s' ('%s')" % (_lut [protocol ], getSafeExString (ex )))
8890
89- if kb .tlsSNI .get (conf . hostname ) is None :
90- kb .tlsSNI [conf . hostname ] = success
91+ if kb .tlsSNI .get (self . host ) is None :
92+ kb .tlsSNI [self . host ] = success
9193
9294 if not success :
9395 for protocol in _protocols :
0 commit comments