diff options
| author | David Weinstein <dweinst@insitusec.com> | 2016-01-26 13:09:22 -0500 |
|---|---|---|
| committer | David Weinstein <dweinst@insitusec.com> | 2016-01-26 13:09:22 -0500 |
| commit | 4be8d148b13ae15d6b0f287935d3dc53a40cdf28 (patch) | |
| tree | 541a225b6dc6dcead0b70a7cf4d65b5aafef0154 /libmproxy | |
| parent | 8f8c2efccd52f9791cc5990f9863cdd02617bc0d (diff) | |
| download | mitmproxy-4be8d148b13ae15d6b0f287935d3dc53a40cdf28.tar.gz mitmproxy-4be8d148b13ae15d6b0f287935d3dc53a40cdf28.tar.bz2 mitmproxy-4be8d148b13ae15d6b0f287935d3dc53a40cdf28.zip | |
Add SNI ignore docs and have code match it
Diffstat (limited to 'libmproxy')
| -rw-r--r-- | libmproxy/proxy/root_context.py | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/libmproxy/proxy/root_context.py b/libmproxy/proxy/root_context.py index 8a3372e0..d70fc299 100644 --- a/libmproxy/proxy/root_context.py +++ b/libmproxy/proxy/root_context.py @@ -55,15 +55,15 @@ class RootContext(object): # 1. check for --ignore if self.config.check_ignore: - address = top_layer.server_conn.address - if client_tls: - try: - client_hello = TlsClientHello.from_client_conn(self.client_conn) - except TlsProtocolException as e: - self.log("Cannot parse Client Hello: %s" % repr(e), "error") - else: - address = (client_hello.client_sni, 443) - if self.config.check_ignore(address): + ignore = self.config.check_ignore(top_layer.server_conn.address) + if not ignore and client_tls: + try: + client_hello = TlsClientHello.from_client_conn(self.client_conn) + except TlsProtocolException as e: + self.log("Cannot parse Client Hello: %s" % repr(e), "error") + else: + ignore = self.config.check_ignore((client_hello.client_sni, 443)) + if ignore: return RawTCPLayer(top_layer, logging=False) # 2. Always insert a TLS layer, even if there's neither client nor server tls. |