3 files changed, 25 insertions, 12 deletions
diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py
index 54cb6f8e..964c15a9 100644
--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@@ -140,6 +140,13 @@ class ProxyHandler(tcp.BaseHandler):
         tcp.BaseHandler.__init__(self, connection, client_address, server)
 
     def get_server_connection(self, cc, scheme, host, port, sni):
+        """
+            When SNI is in play, this means we have an SSL-encrypted
+            connection, which means that the entire handler is dedicated to a
+            single server connection - no multiplexing. If this assumption ever
+            breaks, we'll have to do something different with the SNI host
+            variable on the handler object.
+        """
         sc = self.server_conn
         if not sni:
             sni = host
@@ -329,7 +336,6 @@ class ProxyHandler(tcp.BaseHandler):
                 raise ProxyError(400, str(v))
         else:
             scheme = "http"
-        host = self.sni or host
         line = self.get_line(self.rfile)
         if line == "":
             return None
diff --git a/test/test_server.py b/test/test_server.py
index 244f972f..47bd56b1 100644
--- a/test/test_server.py
+++ b/test/test_server.py
@@ -160,6 +160,12 @@ class TestTransparent(tservers.TransparentProxTest, CommonMixin):
 class TestTransparentSSL(tservers.TransparentProxTest, CommonMixin):
     transparent = True
     ssl = True
+    def test_sni(self):
+        f = self.pathod("304", sni="testserver.com")
+        assert f.status_code == 304
+        l = self.server.last_log()
+        assert self.server.last_log()["request"]["sni"] == "testserver.com"
+
 
 
 class TestProxy(tservers.HTTPProxTest):
diff --git a/test/tservers.py b/test/tservers.py
index d1878f7a..12692369 100644
--- a/test/tservers.py
+++ b/test/tservers.py
@@ -172,23 +172,24 @@ class TransparentProxTest(ProxTestBase):
         )
         return d
 
-    def pathod(self, spec):
+    def pathod(self, spec, sni=None):
         """
-            Constructs a pathod request, with the appropriate base and proxy.
+            Constructs a pathod GET request, with the appropriate base and proxy.
         """
-        r = hurl.get(
-            "%s://127.0.0.1:%s"%(self.scheme, self.proxy.port) + "/p/" + spec,
-            validate_cert=False,
-            #debug=hurl.utils.stdout_debug
-        )
-        return r
+        if self.ssl:
+            p = self.pathoc(sni=sni)
+            q = "get:'/p/%s'"%spec
+        else:
+            p = self.pathoc()
+            q = "get:'/p/%s'"%spec
+        return p.request(q)
 
-    def pathoc(self, connect= None):
+    def pathoc(self, sni=None):
         """
             Returns a connected Pathoc instance.
         """
-        p = libpathod.pathoc.Pathoc("localhost", self.proxy.port)
-        p.connect(connect_to)
+        p = libpathod.pathoc.Pathoc("localhost", self.proxy.port, ssl=self.ssl, sni=sni)
+        p.connect()
         return p