Use SNI-indicated hostname for cert generation when not using upstream certs.

author: Aldo Cortesi <aldo@nullcube.com> 2012-06-27 12:12:11 +1200
committer: Aldo Cortesi <aldo@nullcube.com> 2012-06-27 12:12:11 +1200
commit: dd55a3e0b60e4cfe5e194a57076340628e5cee9c (patch)
tree: daf9d49a93a8a0cda5a051d32b61793b40466582 /libmproxy/proxy.py
parent: ceef6ee6bee21bc579256d21e979e25e3c08b5ec (diff)
download: mitmproxy-dd55a3e0b60e4cfe5e194a57076340628e5cee9c.tar.gz
mitmproxy-dd55a3e0b60e4cfe5e194a57076340628e5cee9c.tar.bz2
mitmproxy-dd55a3e0b60e4cfe5e194a57076340628e5cee9c.zip
1 files changed, 8 insertions, 3 deletions
diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py
index 03e6e6a8..2f38f3af 100644
--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@@ -109,6 +109,7 @@ class ProxyHandler(tcp.BaseHandler):
         self.config = config
         self.server_conn = None
         self.proxy_connect_state = None
+        self.sni = None
         tcp.BaseHandler.__init__(self, connection, client_address, server)
 
     def handle(self):
@@ -216,6 +217,9 @@ class ProxyHandler(tcp.BaseHandler):
             line = fp.readline()
         return line
 
+    def handle_sni(self, conn):
+        self.sni = conn.get_servername()
+
     def read_request(self, client_conn):
         if self.config.transparent_proxy:
             host, port = self.config.transparent_proxy["resolver"].original_addr(self.connection)
@@ -225,12 +229,13 @@ class ProxyHandler(tcp.BaseHandler):
                 self.convert_to_ssl(certfile, self.config.certfile or self.config.cacert)
             else:
                 scheme = "http"
+            host = self.sni or host
             line = self.get_line(self.rfile)
             if line == "":
                 return None
             r = http.parse_init_http(line)
             if not r:
-                raise ProxyError(400, "Bad HTTP request line.")
+                raise ProxyError(400, "Bad HTTP request line: %s"%line)
             method, path, httpversion = r
             headers = http.read_headers(self.rfile)
             content = http.read_http_body_request(
@@ -244,7 +249,7 @@ class ProxyHandler(tcp.BaseHandler):
             scheme, host, port = self.config.reverse_proxy
             r = http.parse_init_http(line)
             if not r:
-                raise ProxyError(400, "Bad HTTP request line.")
+                raise ProxyError(400, "Bad HTTP request line: %s"%line)
             method, path, httpversion = r
             headers = http.read_headers(self.rfile)
             content = http.read_http_body_request(
@@ -277,7 +282,7 @@ class ProxyHandler(tcp.BaseHandler):
                 host, port, httpversion = self.proxy_connect_state
                 r = http.parse_init_http(line)
                 if not r:
-                    raise ProxyError(400, "Bad HTTP request line.")
+                    raise ProxyError(400, "Bad HTTP request line: %s"%line)
                 method, path, httpversion = r
                 headers = http.read_headers(self.rfile)
                 content = http.read_http_body_request(
author	Aldo Cortesi <aldo@nullcube.com>	2012-06-27 12:12:11 +1200
committer	Aldo Cortesi <aldo@nullcube.com>	2012-06-27 12:12:11 +1200
commit	dd55a3e0b60e4cfe5e194a57076340628e5cee9c (patch)
tree	daf9d49a93a8a0cda5a051d32b61793b40466582 /libmproxy/proxy.py
parent	ceef6ee6bee21bc579256d21e979e25e3c08b5ec (diff)
download	mitmproxy-dd55a3e0b60e4cfe5e194a57076340628e5cee9c.tar.gz mitmproxy-dd55a3e0b60e4cfe5e194a57076340628e5cee9c.tar.bz2 mitmproxy-dd55a3e0b60e4cfe5e194a57076340628e5cee9c.zip