Merge pull request #1724 from phackt/master

fix SNI for transparent mode - #1638
author: Maximilian Hils <git@maximilianhils.com> 2016-11-09 13:25:37 +0100
committer: GitHub <noreply@github.com> 2016-11-09 13:25:37 +0100
commit: 564e56c26275698d3eb59bb3f97240bb0ba499e5 (patch)
tree: 87d0c0f263438c8c98f55f3a360953815f671bcd
parent: 184e29e119a56762af7cb71cc872af12f92778e8 (diff)
parent: 2a2387fb3293bb5cd08c4e18f1d8153619c7ef3b (diff)
download: mitmproxy-564e56c26275698d3eb59bb3f97240bb0ba499e5.tar.gz
mitmproxy-564e56c26275698d3eb59bb3f97240bb0ba499e5.tar.bz2
mitmproxy-564e56c26275698d3eb59bb3f97240bb0ba499e5.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/examples/sslstrip.py b/examples/sslstrip.py
index b5e46397..9a090c0c 100644
--- a/examples/sslstrip.py
+++ b/examples/sslstrip.py
@@ -17,6 +17,11 @@ def request(flow):
         flow.request.scheme = 'https'
         flow.request.port = 443
 
+        # We need to update the request destination to whatever is specified in the host header:
+        # Having no TLS Server Name Indication from the client and just an IP address as request.host
+        # in transparent mode, TLS server name certificate validation would fail.
+        flow.request.host = flow.request.pretty_host
+
 
 def response(flow):
     flow.response.headers.pop('Strict-Transport-Security', None)
author	Maximilian Hils <git@maximilianhils.com>	2016-11-09 13:25:37 +0100
committer	GitHub <noreply@github.com>	2016-11-09 13:25:37 +0100
commit	564e56c26275698d3eb59bb3f97240bb0ba499e5 (patch)
tree	87d0c0f263438c8c98f55f3a360953815f671bcd
parent	184e29e119a56762af7cb71cc872af12f92778e8 (diff)
parent	2a2387fb3293bb5cd08c4e18f1d8153619c7ef3b (diff)
download	mitmproxy-564e56c26275698d3eb59bb3f97240bb0ba499e5.tar.gz mitmproxy-564e56c26275698d3eb59bb3f97240bb0ba499e5.tar.bz2 mitmproxy-564e56c26275698d3eb59bb3f97240bb0ba499e5.zip