New method establish_ssl to avoid duplicated code

2024-11-23 00:01:36 +00:00 · 2013-09-26 12:38:13 +02:00 · 2013-09-26 12:38:13 +02:00 · 7140323bdb
commit 7140323bdb
parent f33d128a7f
1 changed files with 15 additions and 29 deletions
--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@ -310,6 +310,17 @@ class ProxyHandler(tcp.BaseHandler):
                raise ProxyError(502, "Unable to generate dummy cert.")
            return ret

+    def establish_ssl(self, client_conn, host, port):
+        dummycert = self.find_cert(client_conn, host, port, host)
+        sni = HandleSNI(
+            self, client_conn, host, port,
+            dummycert, self.config.certfile or self.config.cacert
+        )
+        try:
+            self.convert_to_ssl(dummycert, self.config.certfile or self.config.cacert, handle_sni=sni)
+        except tcp.NetLibError, v:
+            raise ProxyError(400, str(v))
+
    def get_line(self, fp):
        """
            Get a line, possibly preceded by a blank.
@ -329,15 +340,7 @@ class ProxyHandler(tcp.BaseHandler):
        if port in self.config.transparent_proxy["sslports"]:
            scheme = "https"
            if not self.ssl_established:
-                dummycert = self.find_cert(client_conn, host, port, host)
-                sni = HandleSNI(
-                    self, client_conn, host, port,
-                    dummycert, self.config.certfile or self.config.cacert
-                )
-                try:
-                    self.convert_to_ssl(dummycert, self.config.certfile or self.config.cacert, handle_sni=sni)
-                except tcp.NetLibError, v:
-                    raise ProxyError(400, str(v))
+                self.establish_ssl(client_conn, host, port)
        else:
            scheme = "http"
        line = self.get_line(self.rfile)
@ -372,15 +375,7 @@ class ProxyHandler(tcp.BaseHandler):
                            '\r\n'
                            )
                self.wfile.flush()
-                dummycert = self.find_cert(client_conn, host, port, host)
-                sni = HandleSNI(
-                    self, client_conn, host, port,
-                    dummycert, self.config.certfile or self.config.cacert
-                )
-                try:
-                    self.convert_to_ssl(dummycert, self.config.certfile or self.config.cacert, handle_sni=sni)
-                except tcp.NetLibError, v:
-                    raise ProxyError(400, str(v))
+                self.establish_ssl(client_conn, host, port)
                self.proxy_connect_state = (host, port, httpversion)
                line = self.rfile.readline(line)

@ -415,17 +410,8 @@ class ProxyHandler(tcp.BaseHandler):

    def read_request_reverse(self, client_conn):
        scheme, host, port = self.config.reverse_proxy
-        if scheme.lower() == "https":
-            if not self.ssl_established:
-                dummycert = self.find_cert(client_conn, host, port, host)
-                sni = HandleSNI(
-                    self, client_conn, host, port,
-                    dummycert, self.config.certfile or self.config.cacert
-                )
-                try:
-                    self.convert_to_ssl(dummycert, self.config.certfile or self.config.cacert, handle_sni=sni)
-                except tcp.NetLibError, v:
-                    raise ProxyError(400, str(v))
+        if scheme.lower() == "https" and not self.ssl_established:
+            self.establish_ssl(client_conn, host, port)
        line = self.get_line(self.rfile)
        if line == "":
            return None