From 4e635d7a6fa8d437ab4dbf9125ba2ed9533dcf0a Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Mon, 15 Dec 2014 12:46:13 +0100
Subject: allow specification of SSL version, only allow TLS1.0+ by default

---
 libmproxy/protocol/primitives.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'libmproxy/protocol')

diff --git a/libmproxy/protocol/primitives.py b/libmproxy/protocol/primitives.py
index 3be1cc45..34526d01 100644
--- a/libmproxy/protocol/primitives.py
+++ b/libmproxy/protocol/primitives.py
@@ -188,7 +188,7 @@ class LiveConnection(object):
             (
                 ssl != self.c.server_conn.ssl_established
                 or
-                (sni is not None and sni != self.c.sni)
+                (sni is not None and sni != self.c.server_conn.sni)
             )
         )
         address_mismatch = (address != self.c.server_conn.address)
@@ -219,10 +219,8 @@ class LiveConnection(object):
 
             self.c.set_server_address(address)
             self.c.establish_server_connection(ask=False)
-            if sni:
-                self.c.sni = sni
             if ssl:
-                self.c.establish_ssl(server=True)
+                self.c.establish_ssl(server=True, sni=sni)
             return True
         return False
 
-- 
cgit v1.2.3