diff options
| author | Terry Long <macmantrl@me.com> | 2015-03-28 00:10:24 -0700 |
|---|---|---|
| committer | Terry Long <macmantrl@me.com> | 2015-07-03 07:55:37 -0700 |
| commit | 4c50c36345761f2b012c52bff230bdc5347f3d66 (patch) | |
| tree | c1473e84a57adadb7d2322e65cc75eb848eff2c6 /libmproxy/protocol | |
| parent | 4c831992aabae6bb99109d4a7abc1d7a2fb1d611 (diff) | |
| download | mitmproxy-4c50c36345761f2b012c52bff230bdc5347f3d66.tar.gz mitmproxy-4c50c36345761f2b012c52bff230bdc5347f3d66.tar.bz2 mitmproxy-4c50c36345761f2b012c52bff230bdc5347f3d66.zip | |
Prevent unecessary upstream server connects
Selectively connect to upstream server based on no_upstream_cert
option. When no_upstream_cert is used during server replay, prevent
connecting to the upstream server unless absolutely necessary.
Diffstat (limited to 'libmproxy/protocol')
| -rw-r--r-- | libmproxy/protocol/http.py | 6 | ||||
| -rw-r--r-- | libmproxy/protocol/primitives.py | 2 |
2 files changed, 5 insertions, 3 deletions
diff --git a/libmproxy/protocol/http.py b/libmproxy/protocol/http.py index da15066b..2bb1f528 100644 --- a/libmproxy/protocol/http.py +++ b/libmproxy/protocol/http.py @@ -1297,7 +1297,6 @@ class HTTPHandler(ProtocolHandler): self.c.set_server_address((request.host, request.port)) # Update server_conn attribute on the flow flow.server_conn = self.c.server_conn - self.c.establish_server_connection() self.c.client_conn.send( ('HTTP/%s.%s 200 ' % (request.httpversion[0], request.httpversion[1])) + 'Connection established\r\n' + @@ -1498,7 +1497,10 @@ class HTTPHandler(ProtocolHandler): "Received CONNECT request to SSL port. " "Upgrading to SSL...", "debug" ) - self.c.establish_ssl(server=True, client=True) + server_ssl = not self.c.config.no_upstream_cert + if server_ssl: + self.c.establish_server_connection() + self.c.establish_ssl(server=server_ssl, client=True) self.c.log("Upgrade to SSL completed.", "debug") if self.c.config.check_tcp(address): diff --git a/libmproxy/protocol/primitives.py b/libmproxy/protocol/primitives.py index 2f8ea3e0..a9193c5f 100644 --- a/libmproxy/protocol/primitives.py +++ b/libmproxy/protocol/primitives.py @@ -236,7 +236,7 @@ class LiveConnection(object): ssl_mismatch = ( ssl is not None and ( - ssl != self.c.server_conn.ssl_established + (self.c.server_conn.connection and ssl != self.c.server_conn.ssl_established) or (sni is not None and sni != self.c.server_conn.sni) ) |