From 243e0efefc2ae6842a2d03c7d0a0e648802515b1 Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Thu, 28 Jun 2012 10:02:14 +1200
Subject: [PATCH] Adjust for new get_remote_cert API.

---
 .coveragerc        | 2 +-
 libmproxy/flow.py  | 1 +
 libmproxy/proxy.py | 8 ++++----
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/.coveragerc b/.coveragerc
index ea883da05..696e0eb8d 100644
--- a/.coveragerc
+++ b/.coveragerc
@@ -1,3 +1,3 @@
 [report]
-omit = *contrib*, *tnetstring*
+omit = *contrib*, *tnetstring*, *platform*
 include = *libmproxy*
diff --git a/libmproxy/flow.py b/libmproxy/flow.py
index 06300784f..0e5ba0e36 100644
--- a/libmproxy/flow.py
+++ b/libmproxy/flow.py
@@ -198,6 +198,7 @@ class Request(HTTPMsg):
             path: Path portion of the URL
 
             timestamp: Seconds since the epoch
+
             method: HTTP method
     """
     def __init__(self, client_conn, httpversion, host, port, scheme, method, path, headers, content, timestamp=None):
diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py
index 0f68fe258..392714ffd 100644
--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@@ -193,13 +193,13 @@ class ProxyHandler(tcp.BaseHandler):
         else:
             return True
 
-    def find_cert(self, host, port):
+    def find_cert(self, host, port, sni):
         if self.config.certfile:
             return self.config.certfile
         else:
             sans = []
             if self.config.upstream_cert:
-                cert = certutils.get_remote_cert(host, port)
+                cert = certutils.get_remote_cert(host, port, sni)
                 sans = cert.altnames
                 host = cert.cn
             ret = certutils.dummy_cert(self.config.certdir, self.config.cacert, host, sans)
@@ -225,7 +225,7 @@ class ProxyHandler(tcp.BaseHandler):
             host, port = self.config.transparent_proxy["resolver"].original_addr(self.connection)
             if not self.ssl_established and (port in self.config.transparent_proxy["sslports"]):
                 scheme = "https"
-                certfile = self.find_cert(host, port)
+                certfile = self.find_cert(host, port, None)
                 self.convert_to_ssl(certfile, self.config.certfile or self.config.cacert)
             else:
                 scheme = "http"
@@ -274,7 +274,7 @@ class ProxyHandler(tcp.BaseHandler):
                             '\r\n'
                             )
                 self.wfile.flush()
-                certfile = self.find_cert(host, port)
+                certfile = self.find_cert(host, port, None)
                 self.convert_to_ssl(certfile, self.config.certfile or self.config.cacert)
                 self.proxy_connect_state = (host, port, httpversion)
                 line = self.rfile.readline(line)