allow specification of SSL version, only allow TLS1.0+ by default

2026-05-02 05:54:20 +08:00 · 2014-12-15 12:46:13 +01:00
parent 955c5c87a2
commit 4e635d7a6f
4 changed files with 71 additions and 22 deletions
--- a/libmproxy/protocol/primitives.py
+++ b/libmproxy/protocol/primitives.py
@@ -188,7 +188,7 @@ class LiveConnection(object):
            (
                ssl != self.c.server_conn.ssl_established
                or
-                (sni is not None and sni != self.c.sni)
+                (sni is not None and sni != self.c.server_conn.sni)
            )
        )
        address_mismatch = (address != self.c.server_conn.address)
@@ -219,10 +219,8 @@ class LiveConnection(object):

            self.c.set_server_address(address)
            self.c.establish_server_connection(ask=False)
-            if sni:
-                self.c.sni = sni
            if ssl:
-                self.c.establish_ssl(server=True)
+                self.c.establish_ssl(server=True, sni=sni)
            return True
        return False