From a38d2d7b0ee436c84855ef584b19b65c314c57ce Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@corte.si>
Date: Sun, 27 May 2018 10:46:38 +1200
Subject: [PATCH] addons/block: teach block about IPv6 scope suffixes

Fixes #3160
---
 mitmproxy/addons/block.py           | 16 +++++++++-------
 test/mitmproxy/addons/test_block.py |  4 ++++
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/mitmproxy/addons/block.py b/mitmproxy/addons/block.py
index a484f5c43..91f9f7093 100644
--- a/mitmproxy/addons/block.py
+++ b/mitmproxy/addons/block.py
@@ -21,17 +21,19 @@ class Block:
         )
 
     def clientconnect(self, layer):
-        address = ipaddress.ip_address(layer.client_conn.address[0])
+        astr = layer.client_conn.address[0]
+
+        parts = astr.rsplit("%", 1)
+        address = ipaddress.ip_address(parts[0])
         if isinstance(address, ipaddress.IPv6Address):
             address = address.ipv4_mapped or address
 
-        ipa = ipaddress.ip_address(address)
-        if ipa.is_loopback:
+        if address.is_loopback:
             return
 
-        if ctx.options.block_private and ipa.is_private:
-            ctx.log.warn("Client connection from %s killed by block_private" % address)
+        if ctx.options.block_private and address.is_private:
+            ctx.log.warn("Client connection from %s killed by block_private" % astr)
             layer.reply.kill()
-        if ctx.options.block_global and ipa.is_global:
-            ctx.log.warn("Client connection from %s killed by block_global" % address)
+        if ctx.options.block_global and address.is_global:
+            ctx.log.warn("Client connection from %s killed by block_global" % astr)
             layer.reply.kill()
\ No newline at end of file
diff --git a/test/mitmproxy/addons/test_block.py b/test/mitmproxy/addons/test_block.py
index 4446d89c5..4466ad235 100644
--- a/test/mitmproxy/addons/test_block.py
+++ b/test/mitmproxy/addons/test_block.py
@@ -17,6 +17,7 @@ from mitmproxy.test import taddons
     (True, False, False, ("::ffff:172.20.0.1",)),
     (True, False, False, ("::ffff:192.168.1.1",)),
     (True, False, False, ("fe80::",)),
+    (True, False, False, (r"::ffff:192.168.1.1%scope",)),
     # block_global: global
     (True, False, True, ("1.1.1.1",)),
     (True, False, True, ("8.8.8.8",)),
@@ -25,6 +26,7 @@ from mitmproxy.test import taddons
     (True, False, True, ("::ffff:8.8.8.8",)),
     (True, False, True, ("::ffff:216.58.207.174",)),
     (True, False, True, ("2001:4860:4860::8888",)),
+    (True, False, True, (r"2001:4860:4860::8888%scope",)),
 
 
     # block_private: loopback
@@ -37,6 +39,7 @@ from mitmproxy.test import taddons
     (False, True, True, ("::ffff:10.0.0.1",)),
     (False, True, True, ("::ffff:172.20.0.1",)),
     (False, True, True, ("::ffff:192.168.1.1",)),
+    (False, True, True, (r"::ffff:192.168.1.1%scope",)),
     (False, True, True, ("fe80::",)),
     # block_private: global
     (False, True, False, ("1.1.1.1",)),
@@ -45,6 +48,7 @@ from mitmproxy.test import taddons
     (False, True, False, ("::ffff:1.1.1.1",)),
     (False, True, False, ("::ffff:8.8.8.8",)),
     (False, True, False, ("::ffff:216.58.207.174",)),
+    (False, True, False, (r"::ffff:216.58.207.174%scope",)),
     (False, True, False, ("2001:4860:4860::8888",)),
 ])
 @pytest.mark.asyncio