From 0d424997998a2250b6f694ba548ee73c8eab8d3a Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Mon, 23 Nov 2020 03:07:30 +0100 Subject: [PATCH] [sans-io] fix nextlayer logic --- mitmproxy/addons/next_layer.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/mitmproxy/addons/next_layer.py b/mitmproxy/addons/next_layer.py index 46e20b1ca..2880172b5 100644 --- a/mitmproxy/addons/next_layer.py +++ b/mitmproxy/addons/next_layer.py @@ -63,7 +63,7 @@ class NextLayer: if not ctx.options.ignore_hosts and not ctx.options.allow_hosts: return False - addresses: typing.List[str] = [context.server.address] + addresses: typing.List[str] = [context.server.address[0]] if is_tls_record_magic(data_client): try: sni = parse_client_hello(data_client).sni @@ -129,22 +129,22 @@ class NextLayer: # 4. Check for --tcp if any( - address and re.search(rex, address, re.IGNORECASE) - for address in (context.server.address, context.client.sni) - for rex in ctx.options.allow_hosts + address and rex.search(address) + for address in (context.server.address[0], context.client.sni.decode("idna")) + for rex in self.tcp_hosts ): return layers.TCPLayer(context) # 5. Check for raw tcp mode. - sni_indicates_non_http = ( - context.client.sni and context.client.sni not in HTTP_ALPNS + alpn_indicates_non_http = ( + context.client.alpn and context.client.alpn not in HTTP_ALPNS ) # Very simple heuristic here - the first three bytes should be # the HTTP verb, so A-Za-z is expected. probably_no_http = ( not data_client[:3].isalpha() ) - if ctx.options.rawtcp and (sni_indicates_non_http or probably_no_http): + if ctx.options.rawtcp and (alpn_indicates_non_http or probably_no_http): return layers.TCPLayer(context) # 6. Assume HTTP by default.