author | Aldo Cortesi <aldo@nullcube.com> | 2013-02-25 21:11:09 +1300 |
---|---|---|
committer | Aldo Cortesi <aldo@nullcube.com> | 2013-02-25 21:11:09 +1300 |
commit | f30df13384b1c31ee7bcd78b0caea37043434bcf (patch) | |
tree | 54cb5919df82fa7ac697fc2fee5b71e55ba057d0 /netlib | |
parent | 97e11a219fb2a752d5b726b203874101d7ab651c (diff) | |
Make sni_handler an argument to BaseHandler.convert_to_ssl
Diffstat (limited to 'netlib')
-rw-r--r-- | netlib/tcp.py | 35 | ||||
-rw-r--r-- | netlib/test.py | 1 |
2 files changed, 16 insertions, 20 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py index d909a5a4..485d821f 100644 --- a/netlib/tcp.py +++ b/netlib/tcp.py @@ -254,15 +254,27 @@ class BaseHandler: self.ssl_established = False self.clientcert = None - def convert_to_ssl(self, cert, key, method=SSLv23_METHOD, options=None): + def convert_to_ssl(self, cert, key, method=SSLv23_METHOD, options=None, handle_sni=None): """ method: One of SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, or TLSv1_METHOD + handle_sni: SNI handler, should take a connection object. Server + name can be retrieved like this: + + connection.get_servername() + + And you can specify the connection keys as follows: + + new_context = Context(TLSv1_METHOD) + new_context.use_privatekey(key) + new_context.use_certificate(cert) + connection.set_context(new_context) """ ctx = SSL.Context(method) if not options is None: ctx.set_options(options) - # SNI callback happens during do_handshake() - ctx.set_tlsext_servername_callback(self.handle_sni) + if handle_sni: + # SNI callback happens during do_handshake() + ctx.set_tlsext_servername_callback(handle_sni) ctx.use_privatekey_file(key) ctx.use_certificate_file(cert) def ver(*args): @@ -290,23 +302,6 @@ class BaseHandler: # Remote has disconnected pass - def handle_sni(self, connection): - """ - Called if the client has given a server name indication. - - Server name can be retrieved like this: - - connection.get_servername() - - And you can specify the connection keys as follows: - - new_context = Context(TLSv1_METHOD) - new_context.use_privatekey(key) - new_context.use_certificate(cert) - connection.set_context(new_context) - """ - pass - def handle(self): # pragma: no cover raise NotImplementedError diff --git a/netlib/test.py b/netlib/test.py index 7d24d80e..3378279b 100644 --- a/netlib/test.py +++ b/netlib/test.py @@ -62,6 +62,7 @@ class TServer(tcp.TCPServer): self.ssl["key"], method = method, options = options, + handle_sni = getattr(h, "handle_sni", None) ) h.handle() h.finish() |
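Review bot: With `handle_sni=None` as the default in `convert_to_ssl`, a BaseHandler subclass that still overrides `handle_sni` is silently ignored unless the caller passes it in, so the server presents the single `cert`/`key` for every requested name and raises no error. The docstring should state this, for example `If None, no servername callback is registered and cert/key are used for all server names.` The only caller update visible here is the `getattr(h, "handle_sni", None)` line in the netlib/test.py hunk, so other callers of `convert_to_ssl` would need the same change. I would also write the guard as `if handle_sni is not None:` so that only an omitted argument skips registration, and qualify the docstring example as `SSL.Context(TLSv1_METHOD)`, since the body refers to `SSL.Context`. The body of `convert_to_ssl` continues past the end of the hunk.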