commit e6f3588e88eb8073384fd59009c37b4ad7f51d9b
author Cory Benfield <lukasaoz@gmail.com> Tue Mar 29 11:21:04 2016 +0100
committer Cory Benfield <lukasaoz@gmail.com> Tue Mar 29 11:21:04 2016 +0100
tree 9f2886c80b9f59677e40f5074688b19d59a1e885
parent d16b93b43373f3bee6652495b8a379a2fc3b79c4

Raise NotImplementedError when SNI not present.

src/OpenSSL/SSL.py

diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
index 800ae1e..9eac166 100644
--- a/src/OpenSSL/SSL.py
+++ b/src/OpenSSL/SSL.py
@@ -436,6 +436,22 @@
     return wrapper
 
 
+def _requires_sni(func):
+    """
+    Wraps any function that requires SNI support in OpenSSL, ensuring that
+    NotImplementedError is raised if SNI support is not present. This applies
+    to OpenSSL versions older than 1.0.0.
+    """
+    @wraps(func)
+    def wrapper(*args, **kwargs):
+        if not _lib.Cryptography_HAS_TLSEXT_HOSTNAME:
+            raise NotImplementedError("SNI not available: OpenSSL too old.")
+
+        return func(*args, **kwargs)
+
+    return wrapper
+
+
 class Session(object):
     pass
 
@@ -991,6 +1007,7 @@
 
         return _lib.SSL_CTX_set_mode(self._context, mode)
 
+    @_requires_sni
     def set_tlsext_servername_callback(self, callback):
         """
         Specify a callback function to be called when clients specify a server
@@ -1209,6 +1226,7 @@
         _lib.SSL_set_SSL_CTX(self._ssl, context._context)
         self._context = context
 
+    @_requires_sni
     def get_servername(self):
         """
         Retrieve the servername extension value if provided in the client hello
@@ -1224,6 +1242,7 @@
 
         return _ffi.string(name)
 
+    @_requires_sni
     def set_tlsext_host_name(self, name):
         """
         Set the value of the servername extension to send in the client hello.