Issue #5639: Add a *server_hostname* argument to `SSLContext.wrap_socket`
in order to support the TLS SNI extension. `HTTPSConnection` and
`urlopen()` also use this argument, so that HTTPS virtual hosts are now
supported.
diff --git a/Lib/http/client.py b/Lib/http/client.py
index 1039fa5..6c38c4a 100644
--- a/Lib/http/client.py
+++ b/Lib/http/client.py
@@ -1081,7 +1081,9 @@
self.sock = sock
self._tunnel()
- self.sock = self._context.wrap_socket(sock)
+ server_hostname = self.host if ssl.HAS_SNI else None
+ self.sock = self._context.wrap_socket(sock,
+ server_hostname=server_hostname)
try:
if self._check_hostname:
ssl.match_hostname(self.sock.getpeercert(), self.host)