Add SSL SNI support

author: Danni Moiseyev <danni@redislabs.com> 2018-10-14 19:40:57 +0300
committer: Ori Markovitch <ori@redislabs.com> 2018-11-26 06:36:56 -0800
commit: 16f21ea4784202be8e7b0b69d2211b0ac0d2ae9e (patch)
tree: 580cf97ccd7655592d908037b9b817057f690a56
parent: fdd40a58db6e6d6b6b929f52eab91c49be411a98 (diff)
download: redis-py-16f21ea4784202be8e7b0b69d2211b0ac0d2ae9e.tar.gz
1 files changed, 9 insertions, 5 deletions
diff --git a/redis/connection.py b/redis/connection.py
index 9b949c5..7d466d1 100755
--- a/redis/connection.py
+++ b/redis/connection.py
@@ -729,11 +729,15 @@ class SSLConnection(Connection):
     def _connect(self):
         "Wrap the socket with SSL support"
         sock = super(SSLConnection, self)._connect()
-        sock = ssl.wrap_socket(sock,
-                               cert_reqs=self.cert_reqs,
-                               keyfile=self.keyfile,
-                               certfile=self.certfile,
-                               ca_certs=self.ca_certs)
+        context = ssl.create_default_context()
+        context.check_hostname = False
+        context.verify_mode = self.cert_reqs
+        if self.certfile and self.keyfile:
+            context.load_cert_chain(certfile=self.certfile, keyfile=self.keyfile)
+        if self.ca_certs:
+            context.load_verify_locations(self.ca_certs)
+        sock = context.wrap_socket(sock,
+                               server_hostname=self.host)
         return sock
author	Danni Moiseyev <danni@redislabs.com>	2018-10-14 19:40:57 +0300
committer	Ori Markovitch <ori@redislabs.com>	2018-11-26 06:36:56 -0800
commit	16f21ea4784202be8e7b0b69d2211b0ac0d2ae9e (patch)
tree	580cf97ccd7655592d908037b9b817057f690a56
parent	fdd40a58db6e6d6b6b929f52eab91c49be411a98 (diff)
download	redis-py-16f21ea4784202be8e7b0b69d2211b0ac0d2ae9e.tar.gz