mirror of
https://github.com/Grasscutters/mitmproxy.git
synced 2024-11-26 02:10:59 +00:00
fix #479
This commit is contained in:
parent
c9240812d9
commit
81a274eb51
@ -285,6 +285,11 @@ class ConnectionHandler:
|
|||||||
|
|
||||||
if sni != self.server_conn.sni:
|
if sni != self.server_conn.sni:
|
||||||
self.log("SNI received: %s" % sni, "debug")
|
self.log("SNI received: %s" % sni, "debug")
|
||||||
|
# We should only re-establish upstream SSL if one of the following conditions is true:
|
||||||
|
# - We established SSL with the server previously
|
||||||
|
# - We initially wanted to establish SSL with the server,
|
||||||
|
# but the server refused to negotiate without SNI.
|
||||||
|
if self.server_conn.ssl_established or hasattr(self.server_conn, "may_require_sni"):
|
||||||
self.server_reconnect(sni) # reconnect to upstream server with SNI
|
self.server_reconnect(sni) # reconnect to upstream server with SNI
|
||||||
# Now, change client context to reflect changed certificate:
|
# Now, change client context to reflect changed certificate:
|
||||||
cert, key, chain_file = self.find_cert()
|
cert, key, chain_file = self.find_cert()
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
import socket, time
|
import socket, time
|
||||||
from libmproxy.proxy.config import HostMatcher
|
from libmproxy.proxy.config import HostMatcher
|
||||||
|
import libpathod
|
||||||
from netlib import tcp, http_auth, http
|
from netlib import tcp, http_auth, http
|
||||||
from libpathod import pathoc, pathod
|
from libpathod import pathoc, pathod
|
||||||
from netlib.certutils import SSLCert
|
from netlib.certutils import SSLCert
|
||||||
@ -332,6 +333,36 @@ class TestReverse(tservers.ReverseProxTest, CommonMixin, TcpMixin):
|
|||||||
reverse = True
|
reverse = True
|
||||||
|
|
||||||
|
|
||||||
|
class TestHttps2Http(tservers.ReverseProxTest):
|
||||||
|
@classmethod
|
||||||
|
def get_proxy_config(cls):
|
||||||
|
d = super(TestHttps2Http, cls).get_proxy_config()
|
||||||
|
d["upstream_server"][0] = True
|
||||||
|
return d
|
||||||
|
|
||||||
|
def pathoc(self, ssl, sni=None):
|
||||||
|
"""
|
||||||
|
Returns a connected Pathoc instance.
|
||||||
|
"""
|
||||||
|
p = libpathod.pathoc.Pathoc(("localhost", self.proxy.port), ssl=ssl, sni=sni)
|
||||||
|
p.connect()
|
||||||
|
return p
|
||||||
|
|
||||||
|
def test_all(self):
|
||||||
|
p = self.pathoc(ssl=True)
|
||||||
|
assert p.request("get:'/p/200'").status_code == 200
|
||||||
|
|
||||||
|
def test_sni(self):
|
||||||
|
p = self.pathoc(ssl=True, sni="example.com")
|
||||||
|
assert p.request("get:'/p/200'").status_code == 200
|
||||||
|
assert all("Error in handle_sni" not in msg for msg in self.proxy.log)
|
||||||
|
|
||||||
|
def test_http(self):
|
||||||
|
p = self.pathoc(ssl=False)
|
||||||
|
assert p.request("get:'/p/200'").status_code == 400
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
class TestTransparent(tservers.TransparentProxTest, CommonMixin, TcpMixin):
|
class TestTransparent(tservers.TransparentProxTest, CommonMixin, TcpMixin):
|
||||||
ssl = False
|
ssl = False
|
||||||
|
|
||||||
|
@ -218,12 +218,12 @@ class ReverseProxTest(ProxTestBase):
|
|||||||
@classmethod
|
@classmethod
|
||||||
def get_proxy_config(cls):
|
def get_proxy_config(cls):
|
||||||
d = ProxTestBase.get_proxy_config()
|
d = ProxTestBase.get_proxy_config()
|
||||||
d["upstream_server"] = (
|
d["upstream_server"] = [
|
||||||
True if cls.ssl else False,
|
True if cls.ssl else False,
|
||||||
True if cls.ssl else False,
|
True if cls.ssl else False,
|
||||||
"127.0.0.1",
|
"127.0.0.1",
|
||||||
cls.server.port
|
cls.server.port
|
||||||
)
|
]
|
||||||
d["mode"] = "reverse"
|
d["mode"] = "reverse"
|
||||||
return d
|
return d
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user