httpslib Connections do not support SNI
Originally from https://bugzilla.redhat.com/show_bug.cgi?id=1198728
SNI is supported in m2crypto via the set_tlsext_host_name
method. However, this only exists on SSL.Connection and not httpslib.HTTPSConnection.
The attached patch adds a call to set_tlsext_host_name from HTTPSConnection when setting up the SSL connection, which allows connections to SNI-enabled servers.
Version-Release number of selected component (if applicable): m2crypto-0.21.1-18.fc21.x86_64
Steps to Reproduce:
- set up httpd server with two or more SSL-enabled VirtualHosts with different ServerName configs on the same IP
- attempt to connect to each VirtualHost using httpslib.HTTPSConnection()
Actual results:
WrongHost: Peer certificate commonName does not match host, expected , got <first defined VirtualHost in httpd's ssl.conf>
Expected results: successful connection