Catch and handle SSL connection errors.

2024-11-23 00:01:36 +00:00 · 2012-07-01 12:10:32 +12:00 · 2012-07-01 12:10:32 +12:00 · 90365e270e
commit 90365e270e
parent 4e9d4e8ddd
2 changed files with 15 additions and 4 deletions
--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@ -88,7 +88,10 @@ class ServerConnection(tcp.TCPClient):
                path = os.path.join(self.config.clientcerts, self.host) + ".pem"
                if os.path.exists(clientcert):
                    clientcert = path
-            self.convert_to_ssl(clientcert=clientcert, sni=self.host)
+            try:
+                self.convert_to_ssl(clientcert=clientcert, sni=self.host)
+            except tcp.NetLibError, v:
+                raise ProxyError(400, str(v))

    def send(self, request):
        self.requestcount += 1
@ -260,7 +263,10 @@ class ProxyHandler(tcp.BaseHandler):
            if not self.ssl_established and (port in self.config.transparent_proxy["sslports"]):
                scheme = "https"
                certfile = self.find_cert(host, port, None)
-                self.convert_to_ssl(certfile, self.config.certfile or self.config.cacert)
+                try:
+                    self.convert_to_ssl(certfile, self.config.certfile or self.config.cacert)
+                except tcp.NetLibError, v:
+                    raise ProxyError(400, str(v))
            else:
                scheme = "http"
            host = self.sni or host
@ -312,7 +318,10 @@ class ProxyHandler(tcp.BaseHandler):
                            )
                self.wfile.flush()
                certfile = self.find_cert(host, port, None)
-                self.convert_to_ssl(certfile, self.config.certfile or self.config.cacert)
+                try:
+                    self.convert_to_ssl(certfile, self.config.certfile or self.config.cacert)
+                except tcp.NetLibError, v:
+                    raise ProxyError(400, str(v))
                self.proxy_connect_state = (host, port, httpversion)
                line = self.rfile.readline(line)
            if self.proxy_connect_state:
--- a/test/test_dump.py
+++ b/test/test_dump.py
@ -1,7 +1,7 @@
 import os
 from cStringIO import StringIO
 import libpry
-from libmproxy import dump, flow
+from libmproxy import dump, flow, proxy
 import tutils

 def test_strfuncs():
@ -20,6 +20,8 @@ class TestDumpMaster:
    def _cycle(self, m, content):
        req = tutils.treq()
        req.content = content
+        l = proxy.Log("connect")
+        m.handle_log(l)
        cc = req.client_conn
        cc.connection_error = "error"
        resp = tutils.tresp(req)