Comment 0 for bug 1815439

Dimitri John Ledkov (xnox) wrote :

[Impact]

 * OpenSSL 1.1.1 performs SNI hostname verification, therefore the hostname SSL context option must be set when establishing the connection; otherwise, validation of SNI certificates fails, resulting in a lack of connectivity.

[Test Case]

 * Use python-boto to connect to an SNI TLS-protected host

[Regression Potential]

 * change is compatible with pythons/openssl versions shipped in bionic/cosmic-release
 * change is from upstream / tested in debian & disco
 * change improves security, and is compatible with deployed servers out there
 * hosts with certificates not matching their actual hostname will remain invalid/untrusted