send requested hostname to remote server if python ssl version supports SNI, fixes ssl handshake error for some servers

warcprox/mitmproxy.py

@@ -21,16 +21,7 @@ class MitmProxyHandler(http_server.BaseHTTPRequestHandler):
 
     def __init__(self, request, client_address, server):
         self.is_connect = False
-
-        ## XXX hack around bizarre bug on my mac python 3.2 in http.server
-        ## where hasattr returns true in the code snippet below, but
-        ## self._headers_buffer is None
-        #
-        # if not hasattr(self, '_headers_buffer'):
-        #     self._headers_buffer = []
-        # self._headers_buffer.append(
         self._headers_buffer = []
-
         http_server.BaseHTTPRequestHandler.__init__(self, request, client_address, server)
 
     def _determine_host_port(self):
@@ -63,7 +54,17 @@ class MitmProxyHandler(http_server.BaseHTTPRequestHandler):
 
         # Wrap socket if SSL is required
         if self.is_connect:
-            self._proxy_sock = ssl.wrap_socket(self._proxy_sock)
+            try:
+                context = ssl.create_default_context()
+                context.check_hostname = False
+                context.verify_mode = ssl.CERT_NONE
+                self._proxy_sock = context.wrap_socket(self._proxy_sock, server_hostname=self.hostname)
+            except AttributeError:
+                try:
+                    self._proxy_sock = ssl.wrap_socket(self._proxy_sock)
+                except ssl.SSLError:
+                    self.logger.warn("failed to establish ssl connection to {}; python ssl library does not support SNI, considering upgrading to python >= 2.7.9 or python 3.4".format(self.hostname))
+                    raise
 
     def _transition_to_ssl(self):
         self.request = self.connection = ssl.wrap_socket(self.connection,