proxywatchd: fix mitm reset logic, track ssl_mitm category

2025-12-24 01:26:37 +01:00
parent 1a40f63bac
commit 38fb16a439
1 changed files with 4 additions and 2 deletions
--- a/proxywatchd.py
+++ b/proxywatchd.py
@@ -872,7 +872,7 @@ class ProxyTestState():
                if success:
                    self.ssl_success = True
            # Track cert errors
-            if category == 'cert_error' or category == 'ssl_error':
+            if category in ('cert_error', 'ssl_error', 'ssl_mitm'):
                self.cert_error = True
            # Check completion (inside lock to prevent race)
            if not self.completed and len(self.results) >= self.num_targets:
@@ -955,7 +955,9 @@ class ProxyTestState():

                self.proto = last_good['proto']
                self.failcount = 0
-                if (self.consecutive_success % 3) == 0:
+                # Only reset mitm after 3 consecutive clean successes (not on first success)
+                # and only if this test didn't detect MITM
+                if self.consecutive_success > 0 and (self.consecutive_success % 3) == 0 and not self.cert_error:
                    self.mitm = 0
                self.consecutive_success += 1
                self.success_count += 1