Merge pull request #654 from mitmproxy/remove_certforward

Remove Certforward Feature
author: Aldo Cortesi <aldo@nullcube.com> 2015-06-27 09:22:41 +1200
committer: Aldo Cortesi <aldo@nullcube.com> 2015-06-27 09:22:41 +1200
commit: 5f277408cf850093f42e4716ee4f5ba475ec0a4c (patch)
tree: 9780a967018df902ac2df8b74d2c216aeb31be96 /libmproxy/proxy/server.py
parent: 7990503eaf738e655b50f8fb55d6eff9bd11bdec (diff)
parent: b369962cbe632588baf7b10917e3d31b91a18dbd (diff)
download: mitmproxy-5f277408cf850093f42e4716ee4f5ba475ec0a4c.tar.gz
mitmproxy-5f277408cf850093f42e4716ee4f5ba475ec0a4c.tar.bz2
mitmproxy-5f277408cf850093f42e4716ee4f5ba475ec0a4c.zip
1 files changed, 19 insertions, 23 deletions
diff --git a/libmproxy/proxy/server.py b/libmproxy/proxy/server.py
index 71704413..051e8489 100644
--- a/libmproxy/proxy/server.py
+++ b/libmproxy/proxy/server.py
@@ -303,29 +303,25 @@ class ConnectionHandler:
         self.channel.tell("log", Log(msg, level))
 
     def find_cert(self):
-        if self.config.certforward and self.server_conn.ssl_established:
-            return self.server_conn.cert, self.config.certstore.gen_pkey(
-                self.server_conn.cert), None
-        else:
-            host = self.server_conn.address.host
-            sans = []
-            if self.server_conn.ssl_established and (
-                    not self.config.no_upstream_cert):
-                upstream_cert = self.server_conn.cert
-                sans.extend(upstream_cert.altnames)
-                if upstream_cert.cn:
-                    sans.append(host)
-                    host = upstream_cert.cn.decode("utf8").encode("idna")
-            if self.server_conn.sni:
-                sans.append(self.server_conn.sni)
-            # for ssl spoof mode
-            if hasattr(self.client_conn, "sni"):
-                sans.append(self.client_conn.sni)
-
-            ret = self.config.certstore.get_cert(host, sans)
-            if not ret:
-                raise ProxyError(502, "Unable to generate dummy cert.")
-            return ret
+        host = self.server_conn.address.host
+        sans = []
+        if self.server_conn.ssl_established and (
+                not self.config.no_upstream_cert):
+            upstream_cert = self.server_conn.cert
+            sans.extend(upstream_cert.altnames)
+            if upstream_cert.cn:
+                sans.append(host)
+                host = upstream_cert.cn.decode("utf8").encode("idna")
+        if self.server_conn.sni:
+            sans.append(self.server_conn.sni)
+        # for ssl spoof mode
+        if hasattr(self.client_conn, "sni"):
+            sans.append(self.client_conn.sni)
+
+        ret = self.config.certstore.get_cert(host, sans)
+        if not ret:
+            raise ProxyError(502, "Unable to generate dummy cert.")
+        return ret
 
     def handle_sni(self, connection):
         """
author	Aldo Cortesi <aldo@nullcube.com>	2015-06-27 09:22:41 +1200
committer	Aldo Cortesi <aldo@nullcube.com>	2015-06-27 09:22:41 +1200
commit	5f277408cf850093f42e4716ee4f5ba475ec0a4c (patch)
tree	9780a967018df902ac2df8b74d2c216aeb31be96 /libmproxy/proxy/server.py
parent	7990503eaf738e655b50f8fb55d6eff9bd11bdec (diff)
parent	b369962cbe632588baf7b10917e3d31b91a18dbd (diff)
download	mitmproxy-5f277408cf850093f42e4716ee4f5ba475ec0a4c.tar.gz mitmproxy-5f277408cf850093f42e4716ee4f5ba475ec0a4c.tar.bz2 mitmproxy-5f277408cf850093f42e4716ee4f5ba475ec0a4c.zip