Merge branch 'cert_chains'

author: Maximilian Hils <git@maximilianhils.com> 2014-10-09 00:51:21 +0200
committer: Maximilian Hils <git@maximilianhils.com> 2014-10-09 00:51:21 +0200
commit: ff366d152e81955a1832e75f26dc0c5906e0e7c0 (patch)
tree: 4dad9af21473ac01caaf824749cba1feb1422a44 /libmproxy/proxy/server.py
parent: f04693c04779b6c78d0370c0ffd15f899b9b522f (diff)
parent: 5b33f7896136012ab8cd86999f5af2b90e66125b (diff)
download: mitmproxy-ff366d152e81955a1832e75f26dc0c5906e0e7c0.tar.gz
mitmproxy-ff366d152e81955a1832e75f26dc0c5906e0e7c0.tar.bz2
mitmproxy-ff366d152e81955a1832e75f26dc0c5906e0e7c0.zip
1 files changed, 5 insertions, 5 deletions
diff --git a/libmproxy/proxy/server.py b/libmproxy/proxy/server.py
index 307a4bcd..0152f539 100644
--- a/libmproxy/proxy/server.py
+++ b/libmproxy/proxy/server.py
@@ -190,14 +190,14 @@ class ConnectionHandler:
         if client:
             if self.client_conn.ssl_established:
                 raise ProxyError(502, "SSL to Client already established.")
-            cert, key = self.find_cert()
+            cert, key, chain_file = self.find_cert()
             try:
                 self.client_conn.convert_to_ssl(
                     cert, key,
                     handle_sni=self.handle_sni,
                     cipher_list=self.config.ciphers,
                     dhparams=self.config.certstore.dhparams,
-                    ca_file=self.config.ca_file
+                    chain_file=chain_file
                 )
             except tcp.NetLibError as v:
                 raise ProxyError(400, repr(v))
@@ -264,17 +264,17 @@ class ConnectionHandler:
                 self.log("SNI received: %s" % self.sni, "debug")
                 self.server_reconnect()  # reconnect to upstream server with SNI
                 # Now, change client context to reflect changed certificate:
-                cert, key = self.find_cert()
+                cert, key, chain_file = self.find_cert()
                 new_context = self.client_conn._create_ssl_context(
                     cert, key,
                     method=SSL.TLSv1_METHOD,
                     cipher_list=self.config.ciphers,
                     dhparams=self.config.certstore.dhparams,
-                    ca_file=self.config.ca_file
+                    chain_file=chain_file
                 )
                 connection.set_context(new_context)
         # An unhandled exception in this method will core dump PyOpenSSL, so
         # make dang sure it doesn't happen.
-        except Exception:  # pragma: no cover
+        except:  # pragma: no cover
             import traceback
             self.log("Error in handle_sni:\r\n" + traceback.format_exc(), "error")
 \ No newline at end of file
author	Maximilian Hils <git@maximilianhils.com>	2014-10-09 00:51:21 +0200
committer	Maximilian Hils <git@maximilianhils.com>	2014-10-09 00:51:21 +0200
commit	ff366d152e81955a1832e75f26dc0c5906e0e7c0 (patch)
tree	4dad9af21473ac01caaf824749cba1feb1422a44 /libmproxy/proxy/server.py
parent	f04693c04779b6c78d0370c0ffd15f899b9b522f (diff)
parent	5b33f7896136012ab8cd86999f5af2b90e66125b (diff)
download	mitmproxy-ff366d152e81955a1832e75f26dc0c5906e0e7c0.tar.gz mitmproxy-ff366d152e81955a1832e75f26dc0c5906e0e7c0.tar.bz2 mitmproxy-ff366d152e81955a1832e75f26dc0c5906e0e7c0.zip