Merge pull request #3735 from Kriechi/fix-3733

close the client connection if TLS ClientHello parsing fails
author: Maximilian Hils <git@maximilianhils.com> 2019-12-05 13:39:44 +0100
committer: GitHub <noreply@github.com> 2019-12-05 13:39:44 +0100
commit: 0b86d65b61ce3402691a7a4a7616e4fd3f9b29aa (patch)
tree: 45298063195df59603b5693841c110a52388e3f7
parent: f026285434a3800eef4284ff2d662d4d0c9a2d84 (diff)
parent: 79778071cf41d23823d0ce74dff9f7d9a922c04c (diff)
download: mitmproxy-0b86d65b61ce3402691a7a4a7616e4fd3f9b29aa.tar.gz
mitmproxy-0b86d65b61ce3402691a7a4a7616e4fd3f9b29aa.tar.bz2
mitmproxy-0b86d65b61ce3402691a7a4a7616e4fd3f9b29aa.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/mitmproxy/proxy/protocol/tls.py b/mitmproxy/proxy/protocol/tls.py
index 282df60d..f48cb947 100644
--- a/mitmproxy/proxy/protocol/tls.py
+++ b/mitmproxy/proxy/protocol/tls.py
@@ -242,6 +242,8 @@ class TlsLayer(base.Layer):
                 self._client_hello = net_tls.ClientHello.from_file(self.client_conn.rfile)
             except exceptions.TlsProtocolException as e:
                 self.log("Cannot parse Client Hello: %s" % repr(e), "error")
+                # Without knowning the ClientHello we cannot proceed in this connection.
+                return
 
         # Do we need to do a server handshake now?
         # There are two reasons why we would want to establish TLS with the server now:
author	Maximilian Hils <git@maximilianhils.com>	2019-12-05 13:39:44 +0100
committer	GitHub <noreply@github.com>	2019-12-05 13:39:44 +0100
commit	0b86d65b61ce3402691a7a4a7616e4fd3f9b29aa (patch)
tree	45298063195df59603b5693841c110a52388e3f7
parent	f026285434a3800eef4284ff2d662d4d0c9a2d84 (diff)
parent	79778071cf41d23823d0ce74dff9f7d9a922c04c (diff)
download	mitmproxy-0b86d65b61ce3402691a7a4a7616e4fd3f9b29aa.tar.gz mitmproxy-0b86d65b61ce3402691a7a4a7616e4fd3f9b29aa.tar.bz2 mitmproxy-0b86d65b61ce3402691a7a4a7616e4fd3f9b29aa.zip