From 697c22a46cfce03abe9e3acbca7950d318dd4a34 Mon Sep 17 00:00:00 2001
From: Calum Lind <calumlind+deluge@gmail.com>
Date: Thu, 24 Sep 2015 21:50:24 +0100
Subject: [PATCH] [#2765] Add support for TLS SNI in httpdownloader

---
 deluge/httpdownloader.py | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/deluge/httpdownloader.py b/deluge/httpdownloader.py
index 14dcdc338..678f78183 100644
--- a/deluge/httpdownloader.py
+++ b/deluge/httpdownloader.py
@@ -211,7 +211,23 @@ def download_file(url, filename, callback=None, headers=None, force_filename=Fal
     factory = HTTPDownloader(url, filename, callback, headers, force_filename, allow_compression)
     if scheme == "https":
         from twisted.internet import ssl
-        reactor.connectSSL(host, port, factory, ssl.ClientContextFactory())
+        # ClientTLSOptions in Twisted >= 14, see ticket #2765 for details on this addition.
+        try:
+            from twisted.internet._sslverify import ClientTLSOptions
+        except ImportError:
+            ctx_factory = ssl.ClientContextFactory()
+        else:
+            class TLSSNIContextFactory(ssl.ClientContextFactory):
+                """
+                A custom context factory to add a server name for TLS connections.
+                """
+                def getContext(self, hostname=None, port=None):
+                    ctx = ssl.ClientContextFactory.getContext(self)
+                    ClientTLSOptions(host, ctx)
+                    return ctx
+            ctx_factory = TLSSNIContextFactory()
+
+        reactor.connectSSL(host, port, factory, ctx_factory)
     else:
         reactor.connectTCP(host, port, factory)