From 59d564fbd1f44d9ec654b827f0341c79fd2d0de2 Mon Sep 17 00:00:00 2001
From: liris <liris.pp@gmail.com>
Date: Tue, 14 Apr 2015 09:34:47 +0900
Subject: [PATCH] add some document. small refactoring

---
 ChangeLog          |  1 +
 websocket/_http.py | 32 ++++++++++++++++++++------------
 2 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 37abc63..2b65219 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,7 @@ ChangeLog
 - 0.30.0
 
   - fixed if client is behind proxy (#169)
+  - support SNI for python 2.7.9+ and 3.2+ (#172)
 
 - 0.29.0
 
diff --git a/websocket/_http.py b/websocket/_http.py
index a962eb8..477cfe0 100644
--- a/websocket/_http.py
+++ b/websocket/_http.py
@@ -118,6 +118,24 @@ def _open_socket(addrinfo_list, sockopt, timeout):
     return sock
 
 
+def _can_use_sni():
+    return sys.version_info[2] >= 9 or (six.PY3 and sys.version_info[2] >= 2)
+
+
+def _wrap_sni_socket(sock, sslopt, hostname):
+    context = ssl.create_default_context(cafile=sslopt.get('ca_certs', None))
+    context.options = sslopt.get('ssl_version', context.options)
+    context.verify_mode = sslopt['cert_reqs']
+    if 'ciphers' in sslopt:
+        context.set_ciphers(sslopt['ciphers'])
+    return context.wrap_socket(
+        sock,
+        do_handshake_on_connect=sslopt.get('do_handshake_on_connect', True),
+        suppress_ragged_eofs=sslopt.get('suppress_ragged_eofs', True),
+        server_hostname=hostname,
+    )
+
+
 def _ssl_socket(sock, user_sslopt, hostname):
     sslopt = dict(cert_reqs=ssl.CERT_REQUIRED)
     certPath = os.path.join(
@@ -127,18 +145,8 @@ def _ssl_socket(sock, user_sslopt, hostname):
     sslopt.update(user_sslopt)
     check_hostname = sslopt.pop('check_hostname', True)
 
-    if sys.version_info[2] >= 9 or (six.PY3 and sys.version_info[2] >= 2):
-        context = ssl.create_default_context(cafile=sslopt.get('ca_certs', None))
-        context.options = sslopt.get('ssl_version', context.options)
-        context.verify_mode = sslopt['cert_reqs']
-        if 'ciphers' in sslopt:
-            context.set_ciphers(sslopt['ciphers'])
-        sock = context.wrap_socket(
-            sock,
-            do_handshake_on_connect=sslopt.get('do_handshake_on_connect', True),
-            suppress_ragged_eofs=sslopt.get('suppress_ragged_eofs', True),
-            server_hostname=hostname,
-        )
+    if _can_use_sni:
+        sock = _wrap_sni_socket(sock, sslopt, hostname)
     else:
         sock = ssl.wrap_socket(sock, **sslopt)