(
self, data: bytes
)
| 560 | yield from () |
| 561 | |
| 562 | def receive_handshake_data( |
| 563 | self, data: bytes |
| 564 | ) -> layer.CommandGenerator[tuple[bool, str | None]]: |
| 565 | if self.client_hello_parsed: |
| 566 | return (yield from super().receive_handshake_data(data)) |
| 567 | self.recv_buffer.extend(data) |
| 568 | try: |
| 569 | if self.is_dtls: |
| 570 | client_hello = dtls_parse_client_hello(self.recv_buffer) |
| 571 | else: |
| 572 | client_hello = parse_client_hello(self.recv_buffer) |
| 573 | except ValueError: |
| 574 | return False, f"Cannot parse ClientHello: {self.recv_buffer.hex()}" |
| 575 | |
| 576 | if client_hello: |
| 577 | self.client_hello_parsed = True |
| 578 | else: |
| 579 | return False, None |
| 580 | |
| 581 | self.conn.sni = client_hello.sni |
| 582 | self.conn.alpn_offers = client_hello.alpn_protocols |
| 583 | tls_clienthello = ClientHelloData(self.context, client_hello) |
| 584 | yield TlsClienthelloHook(tls_clienthello) |
| 585 | |
| 586 | if tls_clienthello.ignore_connection: |
| 587 | # we've figured out that we don't want to intercept this connection, so we assign fake connection objects |
| 588 | # to all TLS layers. This makes the real connection contents just go through. |
| 589 | self.conn = self.tunnel_connection = connection.Client( |
| 590 | peername=("ignore-conn", 0), sockname=("ignore-conn", 0) |
| 591 | ) |
| 592 | parent_layer = self.context.layers[self.context.layers.index(self) - 1] |
| 593 | if isinstance(parent_layer, ServerTLSLayer): |
| 594 | parent_layer.conn = parent_layer.tunnel_connection = connection.Server( |
| 595 | address=None |
| 596 | ) |
| 597 | if self.is_dtls: |
| 598 | self.child_layer = udp.UDPLayer(self.context, ignore=True) |
| 599 | else: |
| 600 | self.child_layer = tcp.TCPLayer(self.context, ignore=True) |
| 601 | yield from self.event_to_child( |
| 602 | events.DataReceived(self.context.client, bytes(self.recv_buffer)) |
| 603 | ) |
| 604 | self.recv_buffer.clear() |
| 605 | return True, None |
| 606 | if ( |
| 607 | tls_clienthello.establish_server_tls_first |
| 608 | and not self.context.server.tls_established |
| 609 | ): |
| 610 | err = yield from self.start_server_tls() |
| 611 | if err: |
| 612 | yield commands.Log( |
| 613 | f"Unable to establish {self.proto_name} connection with server ({err}). " |
| 614 | f"Trying to establish {self.proto_name} with client anyway. " |
| 615 | f"If you plan to redirect requests away from this server, " |
| 616 | f"consider setting `connection_strategy` to `lazy` to suppress early connections." |
| 617 | ) |
| 618 | |
| 619 | yield from self.start_tls() |