diff --git a/warcprox/mitmproxy.py b/warcprox/mitmproxy.py index d331caa..f3722d3 100644 --- a/warcprox/mitmproxy.py +++ b/warcprox/mitmproxy.py @@ -21,16 +21,7 @@ class MitmProxyHandler(http_server.BaseHTTPRequestHandler): def __init__(self, request, client_address, server): self.is_connect = False - - ## XXX hack around bizarre bug on my mac python 3.2 in http.server - ## where hasattr returns true in the code snippet below, but - ## self._headers_buffer is None - # - # if not hasattr(self, '_headers_buffer'): - # self._headers_buffer = [] - # self._headers_buffer.append( self._headers_buffer = [] - http_server.BaseHTTPRequestHandler.__init__(self, request, client_address, server) def _determine_host_port(self): @@ -63,7 +54,17 @@ class MitmProxyHandler(http_server.BaseHTTPRequestHandler): # Wrap socket if SSL is required if self.is_connect: - self._proxy_sock = ssl.wrap_socket(self._proxy_sock) + try: + context = ssl.create_default_context() + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + self._proxy_sock = context.wrap_socket(self._proxy_sock, server_hostname=self.hostname) + except AttributeError: + try: + self._proxy_sock = ssl.wrap_socket(self._proxy_sock) + except ssl.SSLError: + self.logger.warn("failed to establish ssl connection to {}; python ssl library does not support SNI, considering upgrading to python >= 2.7.9 or python 3.4".format(self.hostname)) + raise def _transition_to_ssl(self): self.request = self.connection = ssl.wrap_socket(self.connection,