close the client connection if TLS ClientHello parsing fails

author: Thomas Kriechbaumer <thomas@kriechbaumer.name> 2019-11-30 12:43:25 +0100
committer: Thomas Kriechbaumer <thomas@kriechbaumer.name> 2019-11-30 12:43:25 +0100
commit: 79778071cf41d23823d0ce74dff9f7d9a922c04c (patch)
tree: 45298063195df59603b5693841c110a52388e3f7 /mitmproxy/proxy
parent: f026285434a3800eef4284ff2d662d4d0c9a2d84 (diff)
download: mitmproxy-79778071cf41d23823d0ce74dff9f7d9a922c04c.tar.gz
mitmproxy-79778071cf41d23823d0ce74dff9f7d9a922c04c.tar.bz2
mitmproxy-79778071cf41d23823d0ce74dff9f7d9a922c04c.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/mitmproxy/proxy/protocol/tls.py b/mitmproxy/proxy/protocol/tls.py
index 282df60d..f48cb947 100644
--- a/mitmproxy/proxy/protocol/tls.py
+++ b/mitmproxy/proxy/protocol/tls.py
@@ -242,6 +242,8 @@ class TlsLayer(base.Layer):
                 self._client_hello = net_tls.ClientHello.from_file(self.client_conn.rfile)
             except exceptions.TlsProtocolException as e:
                 self.log("Cannot parse Client Hello: %s" % repr(e), "error")
+                # Without knowning the ClientHello we cannot proceed in this connection.
+                return
 
         # Do we need to do a server handshake now?
         # There are two reasons why we would want to establish TLS with the server now:
author	Thomas Kriechbaumer <thomas@kriechbaumer.name>	2019-11-30 12:43:25 +0100
committer	Thomas Kriechbaumer <thomas@kriechbaumer.name>	2019-11-30 12:43:25 +0100
commit	79778071cf41d23823d0ce74dff9f7d9a922c04c (patch)
tree	45298063195df59603b5693841c110a52388e3f7 /mitmproxy/proxy
parent	f026285434a3800eef4284ff2d662d4d0c9a2d84 (diff)
download	mitmproxy-79778071cf41d23823d0ce74dff9f7d9a922c04c.tar.gz mitmproxy-79778071cf41d23823d0ce74dff9f7d9a922c04c.tar.bz2 mitmproxy-79778071cf41d23823d0ce74dff9f7d9a922c04c.zip