diff options
| author | Maximilian Hils <git@maximilianhils.com> | 2015-08-27 15:59:56 +0200 |
|---|---|---|
| committer | Maximilian Hils <git@maximilianhils.com> | 2015-08-27 15:59:56 +0200 |
| commit | 515c0244483446350779db59a31b8fd7dc603a5b (patch) | |
| tree | 7b36d398eab73dd4ae9f4563b1896a90adfbcb18 /libmproxy | |
| parent | ecfde4247fcfd8279948b4a22bc4f04c2fb2ba15 (diff) | |
| download | mitmproxy-515c0244483446350779db59a31b8fd7dc603a5b.tar.gz mitmproxy-515c0244483446350779db59a31b8fd7dc603a5b.tar.bz2 mitmproxy-515c0244483446350779db59a31b8fd7dc603a5b.zip | |
handle tls server errors more gracefully
Diffstat (limited to 'libmproxy')
| -rw-r--r-- | libmproxy/protocol2/tls.py | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/libmproxy/protocol2/tls.py b/libmproxy/protocol2/tls.py index 9c8aeb24..433dd65d 100644 --- a/libmproxy/protocol2/tls.py +++ b/libmproxy/protocol2/tls.py @@ -51,9 +51,7 @@ class TlsLayer(Layer): self._parse_client_hello() if client_tls_requires_server_cert: - self.ctx.connect() - self._establish_tls_with_server() - self._establish_tls_with_client() + self._establish_tls_with_client_and_server() elif self._client_tls: self._establish_tls_with_client() @@ -148,6 +146,22 @@ class TlsLayer(Layer): self.log("ALPN for client: %s" % choice, "debug") return choice + def _establish_tls_with_client_and_server(self): + self.ctx.connect() + + # If establishing TLS with the server fails, we try to establish TLS with the client nonetheless + # to send an error message over TLS. + try: + self._establish_tls_with_server() + except Exception as e: + try: + self._establish_tls_with_client() + except: + pass + raise e + + self._establish_tls_with_client() + def _establish_tls_with_client(self): self.log("Establish TLS with client", "debug") cert, key, chain_file = self._find_cert() |