From 79778071cf41d23823d0ce74dff9f7d9a922c04c Mon Sep 17 00:00:00 2001
From: Thomas Kriechbaumer <thomas@kriechbaumer.name>
Date: Sat, 30 Nov 2019 12:43:25 +0100
Subject: close the client connection if TLS ClientHello parsing fails

---
 mitmproxy/proxy/protocol/tls.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/mitmproxy/proxy/protocol/tls.py b/mitmproxy/proxy/protocol/tls.py
index 282df60d..f48cb947 100644
--- a/mitmproxy/proxy/protocol/tls.py
+++ b/mitmproxy/proxy/protocol/tls.py
@@ -242,6 +242,8 @@ class TlsLayer(base.Layer):
                 self._client_hello = net_tls.ClientHello.from_file(self.client_conn.rfile)
             except exceptions.TlsProtocolException as e:
                 self.log("Cannot parse Client Hello: %s" % repr(e), "error")
+                # Without knowning the ClientHello we cannot proceed in this connection.
+                return
 
         # Do we need to do a server handshake now?
         # There are two reasons why we would want to establish TLS with the server now:
-- 
cgit v1.2.3