diff options
Diffstat (limited to 'libmproxy/protocol/tls.py')
| -rw-r--r-- | libmproxy/protocol/tls.py | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/libmproxy/protocol/tls.py b/libmproxy/protocol/tls.py index af1a6055..986eb964 100644 --- a/libmproxy/protocol/tls.py +++ b/libmproxy/protocol/tls.py @@ -349,7 +349,7 @@ class TlsLayer(Layer): layer = self.ctx.next_layer(self) layer() - def __repr__(self): + def __repr__(self): # pragma: no cover if self._client_tls and self._server_tls: return "TlsLayer(client and server)" elif self._client_tls: @@ -560,5 +560,7 @@ class TlsLayer(Layer): if self._sni_from_server_change: sans.add(self._sni_from_server_change) - sans.discard(host) + # Some applications don't consider the CN and expect the hostname to be in the SANs. + # For example, Thunderbird 38 will display a warning if the remote host is only the CN. + sans.add(host) return self.config.certstore.get_cert(host, list(sans)) |