Comment 5 for bug 1500768

Ok, let me clarify some points here.

First, I pointed that change as it's the closest thing that changed in python 3.4.3 which can have an impact on SNI, it may be something different which broke requests.
The invalid certificate tests is a test that is passing (this was to underline that I already had verfiy=true and checked that the SSL certificate check was done, as I was aware about the non check of it in python)

So, what is broken? I think the target is the SNI support with older request
1. Setup
- Install ubuntu-make from ubuntu-desktop/ubuntu-make ppa
- Have a proxy (squid.internal) for instance, filtering your network
- Export HTTPS_PROXY to point to your squid internal proxy

2. With python 3.4.0:
- Run "umake android" -> android-studio resolve, show the license page and install

3. With python 3.4.3 (current 14.04):
- Run "umake android" -> you will get the hostname 'squid.internal' doesn't match either of '*.google.com', '*.android.com', '*.appengine.google.com', '*.cloud.google.com', '*.google-analytics.com', '*.google.ca', <…>' message (content depending on the allowed site from your proxy).

4. With python 3.4.3 + requests 2.7 backported in my ppa (didrocks/ppa):
- Run "umake android" -> android-studio resolve, show the license page and install

As you can see, Ubuntu Make code didn't change at all in any of those tests, I think requests post 2.2.1 has something that made SNI work with python 3.4.3.

As long as you have the right proxy config, I think this should simply fail:
import requests
requests.get('https://api.github.com/events')