Currently, there is an issue with sni_hostname not functioning correctly when the connection involves a socks proxy.
This problem arises due to the oversight in commit #696, where the update to _sync/socks_proxy.py and _async/socks_proxy.py was omitted.
Code for reproduction (written by @karosis88 at #771)
Set up proxy server (defaults to 1080 port)
git clone https://github.com/itsjfx/python-socks5-server
python python-socks5-server/server.py
Client
import httpcore
pool = httpcore.SOCKSProxy("socks5://127.0.0.1:1080")
response = pool.request("GET",
"https://185.199.108.153:443",
headers=[(b'Host', 'www.encode.io')],
extensions={'sni_hostname': 'www.encode.io'})
print(response)Expected output
Actual output
httpcore.ConnectError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: IP address mismatch, certificate is not valid for '185.199.108.153'. (_ssl.c:1123)
Suggested fix
Update the _sync/socks_proxy.py and _async/socks_proxy.py in a manner similar to that of the _sync/connection.py and _async/connection.py.
Example fix for _async/socks_proxy.py:
218 218 timeouts = request.extensions.get("timeout", {})
219 + sni_hostname = request.extensions.get("sni_hostname", None)
219 220 timeout = timeouts.get("connect", None)
261 - "server_hostname": self._remote_origin.host.decode("ascii"),
262 + "server_hostname": sni_hostname
263 + or self._origin.host.decode("ascii"), 
Currently, there is an issue with
sni_hostnamenot functioning correctly when the connection involves a socks proxy.This problem arises due to the oversight in commit #696, where the update to
_sync/socks_proxy.pyand_async/socks_proxy.pywas omitted.Code for reproduction (written by @karosis88 at #771)
Set up proxy server (defaults to 1080 port)
Client
Expected output
Actual output
Suggested fix
Update the
_sync/socks_proxy.pyand_async/socks_proxy.pyin a manner similar to that of the_sync/connection.pyand_async/connection.py.Example fix for
_async/socks_proxy.py: