send requested hostname to remote server if python ssl version supports SNI, fixes ssl handshake error for some servers

2025-01-18 13:22:09 +01:00 · 2015-06-30 17:38:45 -07:00 · 2015-06-30 17:38:45 -07:00 · b07f194c63
commit b07f194c63
parent 1abe98c99b
1 changed files with 11 additions and 10 deletions
--- a/warcprox/mitmproxy.py
+++ b/warcprox/mitmproxy.py
@ -21,16 +21,7 @@ class MitmProxyHandler(http_server.BaseHTTPRequestHandler):
    def __init__(self, request, client_address, server):
        self.is_connect = False
        ## XXX hack around bizarre bug on my mac python 3.2 in http.server
        ## where hasattr returns true in the code snippet below, but
        ## self._headers_buffer is None
        #
        # if not hasattr(self, '_headers_buffer'):
        #     self._headers_buffer = []
        # self._headers_buffer.append(
        self._headers_buffer = []
        http_server.BaseHTTPRequestHandler.__init__(self, request, client_address, server)
    def _determine_host_port(self):
@ -63,7 +54,17 @@ class MitmProxyHandler(http_server.BaseHTTPRequestHandler):
        # Wrap socket if SSL is required
        if self.is_connect:
-            self._proxy_sock = ssl.wrap_socket(self._proxy_sock)
+            try:
                context = ssl.create_default_context()
                context.check_hostname = False
                context.verify_mode = ssl.CERT_NONE
                self._proxy_sock = context.wrap_socket(self._proxy_sock, server_hostname=self.hostname)
            except AttributeError:
                try:
                    self._proxy_sock = ssl.wrap_socket(self._proxy_sock)
                except ssl.SSLError:
                    self.logger.warn("failed to establish ssl connection to {}; python ssl library does not support SNI, considering upgrading to python >= 2.7.9 or python 3.4".format(self.hostname))
                    raise
    def _transition_to_ssl(self):
        self.request = self.connection = ssl.wrap_socket(self.connection,