1 files changed, 6 insertions, 3 deletions

diff --git a/libmproxy/protocol2/tls.py b/libmproxy/protocol2/tls.py
index 8e367728..970abe62 100644
--- a/libmproxy/protocol2/tls.py
+++ b/libmproxy/protocol2/tls.py
@@ -124,7 +124,7 @@ class TlsLayer(Layer):
 
             if old_upstream_sni != self.sni_for_upstream_connection:
                 # Perform reconnect
-                if self._server_tls:
+                if self.server_conn and self._server_tls:
                     self.yield_from_callback(Reconnect())
 
             if self.client_sni:
@@ -151,9 +151,11 @@ class TlsLayer(Layer):
         alpn_preference = netlib.http.http2.HTTP2Protocol.ALPN_PROTO_H2
         ###
 
+        # TODO: Not
         if self.client_alpn_protos != options:
             # Perform reconnect
-            if self._server_tls:
+            # TODO: Avoid double reconnect.
+            if self.server_conn and self._server_tls:
                 self.yield_from_callback(Reconnect())
 
         self.client_alpn_protos = options
@@ -219,7 +221,7 @@ class TlsLayer(Layer):
         host = self.server_conn.address.host
         sans = set()
         # Incorporate upstream certificate
-        if self.server_conn.tls_established and (not self.config.no_upstream_cert):
+        if self.server_conn and self.server_conn.tls_established and (not self.config.no_upstream_cert):
             upstream_cert = self.server_conn.cert
             sans.update(upstream_cert.altnames)
             if upstream_cert.cn:
@@ -231,4 +233,5 @@ class TlsLayer(Layer):
         if self._sni_from_server_change:
             sans.add(self._sni_from_server_change)
 
+        sans.discard(host)
         return self.config.certstore.get_cert(host, list(sans))