commit a5768f729273b3e2f1464eeb348e16ff4c25df77
author Christian Heimes <christian@cheimes.de> Mon Dec 02 20:44:17 2013 +0100
committer Christian Heimes <christian@cheimes.de> Mon Dec 02 20:44:17 2013 +0100
tree 412ebd87c07e7b9a80d745faa14102280ee7ff0e
parent 216d463b1f5eea7b6505b9ec13372d830ef720b6

Issue #19785: smtplib now supports SSLContext.check_hostname and server name
indication for TLS/SSL connections.

Lib/smtplib.py

diff --git a/Lib/smtplib.py b/Lib/smtplib.py
index 6fc65f6..796b866 100644
--- a/Lib/smtplib.py
+++ b/Lib/smtplib.py
@@ -232,6 +232,7 @@
         will be used.
 
         """
+        self._host = host
         self.timeout = timeout
         self.esmtp_features = {}
         self.source_address = source_address
@@ -667,7 +668,9 @@
             if context is None:
                 context = ssl._create_stdlib_context(certfile=certfile,
                                                      keyfile=keyfile)
-            self.sock = context.wrap_socket(self.sock)
+            server_hostname = self._host if ssl.HAS_SNI else None
+            self.sock = context.wrap_socket(self.sock,
+                                            server_hostname=server_hostname)
             self.file = None
             # RFC 3207:
             # The client MUST discard any knowledge obtained from
@@ -892,7 +895,9 @@
                 print('connect:', (host, port), file=stderr)
             new_socket = socket.create_connection((host, port), timeout,
                     self.source_address)
-            new_socket = self.context.wrap_socket(new_socket)
+            server_hostname = self._host if ssl.HAS_SNI else None
+            new_socket = self.context.wrap_socket(new_socket,
+                                                  server_hostname=server_hostname)
             return new_socket
 
     __all__.append("SMTP_SSL")