diff options
| author | David Weinstein <dweinst@insitusec.com> | 2016-01-26 11:44:32 -0500 |
|---|---|---|
| committer | David Weinstein <dweinst@insitusec.com> | 2016-01-26 11:44:32 -0500 |
| commit | a2ebcfe8795490dc862996218f9e9821b2c3ed83 (patch) | |
| tree | f78326c340affdb326760e2f50c27ea81655f0ba /libmproxy | |
| parent | 17a32d921cd2df98ad2f7861eb9165ec20dc7314 (diff) | |
| download | mitmproxy-a2ebcfe8795490dc862996218f9e9821b2c3ed83.tar.gz mitmproxy-a2ebcfe8795490dc862996218f9e9821b2c3ed83.tar.bz2 mitmproxy-a2ebcfe8795490dc862996218f9e9821b2c3ed83.zip | |
Simplify check_ignore in _next_layer
Diffstat (limited to 'libmproxy')
| -rw-r--r-- | libmproxy/proxy/root_context.py | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/libmproxy/proxy/root_context.py b/libmproxy/proxy/root_context.py index 8bf84951..23d4aaf5 100644 --- a/libmproxy/proxy/root_context.py +++ b/libmproxy/proxy/root_context.py @@ -47,25 +47,24 @@ class RootContext(object): return self.channel.ask("next_layer", layer) def _next_layer(self, top_layer): - # 1. Check for --ignore. - if self.config.check_ignore(top_layer.server_conn.address): - return RawTCPLayer(top_layer, logging=False) - try: d = top_layer.client_conn.rfile.peek(3) except TcpException as e: six.reraise(ProtocolException, ProtocolException(str(e)), sys.exc_info()[2]) client_tls = is_tls_record_magic(d) - # 1A. check for --ignore with SNI host - if client_tls: - try: - client_hello = TlsClientHello.from_client_conn(self.client_conn) - if (client_hello and - self.config.check_ignore((client_hello.client_sni, 443))): - return RawTCPLayer(top_layer, logging=False) - except TlsProtocolException as e: - six.reraise(ProtocolException, ProtocolException(str(e)), sys.exc_info()[2]) + # 1. check for --ignore + if self.config.check_ignore: + address = top_layer.server_conn.address + if client_tls: + try: + client_hello = TlsClientHello.from_client_conn(self.client_conn) + except TlsProtocolException as e: + self.log("Cannot parse Client Hello: %s" % repr(e), "error") + else: + address = (client_hello.client_sni, 443) # TODO: may need to wrap that in tcp.Address? + if self.config.check_ignore(address): + return RawTCPLayer(top_layer, logging=False) # 2. Always insert a TLS layer, even if there's neither client nor server tls. # An inline script may upgrade from http to https, |