@@ -43,11 +43,14 @@ def create_sock():
4343
4444 success = False
4545
46- if not kb .tlsSNI :
47- for protocol in _protocols :
46+ # Reference(s): https://docs.python.org/2/library/ssl.html#ssl.SSLContext
47+ # https://www.mnot.net/blog/2014/12/27/python_2_and_tls_sni
48+ if kb .tlsSNI != False and hasattr (ssl , "SSLContext" ):
49+ for protocol in filter (lambda _ : _ >= ssl .PROTOCOL_TLSv1 , _protocols ):
4850 try :
4951 sock = create_sock ()
50- _ = ssl .wrap_socket (sock , self .key_file , self .cert_file , ssl_version = protocol )
52+ context = ssl .SSLContext (protocol )
53+ _ = context .wrap_socket (sock , do_handshake_on_connect = False , server_hostname = self .host )
5154 if _ :
5255 success = True
5356 self .sock = _
@@ -60,16 +63,16 @@ def create_sock():
6063 self ._tunnel_host = None
6164 logger .debug ("SSL connection error occurred ('%s')" % getSafeExString (ex ))
6265
63- # Reference(s): https://docs.python.org/2/library/ssl.html#ssl.SSLContext
64- # https://www.mnot.net/blog/2014/12/27/python_2_and_tls_sni
65- if not success and hasattr (ssl , "SSLContext" ):
66- for protocol in filter (lambda _ : _ >= ssl .PROTOCOL_TLSv1 , _protocols ):
66+ if kb .tlsSNI is None :
67+ kb .tlsSNI = success
68+
69+ if not success :
70+ for protocol in _protocols :
6771 try :
6872 sock = create_sock ()
69- context = ssl .SSLContext (protocol )
70- _ = context .wrap_socket (sock , do_handshake_on_connect = False , server_hostname = self .host )
73+ _ = ssl .wrap_socket (sock , self .key_file , self .cert_file , ssl_version = protocol )
7174 if _ :
72- kb . tlsSNI = success = True
75+ success = True
7376 self .sock = _
7477 _protocols .remove (protocol )
7578 _protocols .insert (0 , protocol )
0 commit comments