Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-23 08:11:00 +00:00
Code Issues Projects Releases Wiki Activity

speed up TLS handshake if SNI is present

Browse Source
This commit is contained in:
Maximilian Hils 2016-05-01 18:59:37 -07:00
parent 714ba16111
commit 7f894c131b
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
mitmproxy/protocol/tls.py
View File

@ -341,14 +341,16 @@ class TlsLayer(Layer):
https://www.openssl.org/docs/ssl/SSL_CTX_set_cert_cb.html
- The original mitmproxy issue is https://github.com/mitmproxy/mitmproxy/issues/427
"""
client_tls_requires_server_cert = (
self._client_tls and self._server_tls and not self.config.no_upstream_cert
)
if self._client_tls:
self._parse_client_hello()
# First, this requires that we have TLS on both the client and the server connection.
# Second, this must be disabled if the user specified --no-upstream-cert
# Third, if the client sends a SNI value, we can be reasonably sure that this is the actual target host.
client_tls_requires_server_cert = (
self._client_tls and self._server_tls and not self.config.no_upstream_cert and not self.client_sni
)
if client_tls_requires_server_cert:
self._establish_tls_with_client_and_server()
elif self._client_tls: