ProxyConfig: http2, rawtcp, no_upstream_cert -> Options

10 files changed, 23 insertions, 27 deletions

diff --git a/mitmproxy/cmdline.py b/mitmproxy/cmdline.py
index f703b8ec..00d71511 100644
--- a/mitmproxy/cmdline.py
+++ b/mitmproxy/cmdline.py
@@ -258,10 +258,13 @@ def get_common_options(args):
         ciphers_client = args.ciphers_client,
         ciphers_server = args.ciphers_server,
         clientcerts = args.clientcerts,
+        http2 = args.http2,
         ignore_hosts = args.ignore_hosts,
         listen_host = args.addr,
         listen_port = args.port,
         mode = mode,
+        no_upstream_cert = args.no_upstream_cert,
+        rawtcp = args.rawtcp,
         upstream_server = upstream_server,
         upstream_auth = args.upstream_auth,
         ssl_version_client = args.ssl_version_client,
diff --git a/mitmproxy/console/master.py b/mitmproxy/console/master.py
index 25a0b83f..86e889cc 100644
--- a/mitmproxy/console/master.py
+++ b/mitmproxy/console/master.py
@@ -476,7 +476,7 @@ class ConsoleMaster(flow.FlowMaster):
                 sys.exit(1)
 
         self.loop.set_alarm_in(0.01, self.ticker)
-        if self.server.config.http2 and not tcp.HAS_ALPN:  # pragma: no cover
+        if self.options.http2 and not tcp.HAS_ALPN:  # pragma: no cover
             def http2err(*args, **kwargs):
                 signals.status_message.send(
                     message = "HTTP/2 disabled - OpenSSL 1.0.2+ required."
diff --git a/mitmproxy/dump.py b/mitmproxy/dump.py
index eaa368a0..78dd2578 100644
--- a/mitmproxy/dump.py
+++ b/mitmproxy/dump.py
@@ -53,7 +53,7 @@ class DumpMaster(flow.FlowMaster):
 
         self.set_stream_large_bodies(options.stream_large_bodies)
 
-        if self.server and self.server.config.http2 and not tcp.HAS_ALPN:  # pragma: no cover
+        if self.server and self.options.http2 and not tcp.HAS_ALPN:  # pragma: no cover
             print("ALPN support missing (OpenSSL 1.0.2+ required)!\n"
                   "HTTP/2 is disabled. Use --no-http2 to silence this warning.",
                   file=sys.stderr)
diff --git a/mitmproxy/flow/options.py b/mitmproxy/flow/options.py
index 2586fec7..f1f8c2ed 100644
--- a/mitmproxy/flow/options.py
+++ b/mitmproxy/flow/options.py
@@ -46,10 +46,13 @@ class Options(options.Options):
             ciphers_client = cmdline.DEFAULT_CLIENT_CIPHERS,   # type: str
             ciphers_server = None,   # type: Optional[str]
             clientcerts = None,  # type: Optional[str]
+            http2 = True,  # type: bool
             ignore_hosts = (),  # type: Sequence[str]
             listen_host = "",  # type: str
             listen_port = 8080,  # type: int
             mode = "regular",  # type: str
+            no_upstream_cert = False,  # type: bool
+            rawtcp = False,  # type: bool
             upstream_server = "",  # type: str
             upstream_auth = "",  # type: str
             ssl_version_client="secure",  # type: str
@@ -97,10 +100,13 @@ class Options(options.Options):
         self.ciphers_client = ciphers_client
         self.ciphers_server = ciphers_server
         self.clientcerts = clientcerts
+        self.http2 = http2
         self.ignore_hosts = ignore_hosts
         self.listen_host = listen_host
         self.listen_port = listen_port
         self.mode = mode
+        self.no_upstream_cert = no_upstream_cert
+        self.rawtcp = rawtcp
         self.upstream_server = upstream_server
         self.upstream_auth = upstream_auth
         self.ssl_version_client = ssl_version_client
diff --git a/mitmproxy/protocol/tls.py b/mitmproxy/protocol/tls.py
index c44df299..51f4d80d 100644
--- a/mitmproxy/protocol/tls.py
+++ b/mitmproxy/protocol/tls.py
@@ -366,7 +366,7 @@ class TlsLayer(base.Layer):
         #  2.5 The client did not sent a SNI value, we don't know the certificate subject.
         client_tls_requires_server_connection = (
             self._server_tls and
-            not self.config.no_upstream_cert and
+            not self.config.options.no_upstream_cert and
             (
                 self.config.options.add_upstream_certs_to_client_chain or
                 self._client_hello.alpn_protocols or
@@ -519,7 +519,7 @@ class TlsLayer(base.Layer):
                 alpn = [x for x in self._client_hello.alpn_protocols if not deprecated_http2_variant(x)]
             else:
                 alpn = None
-            if alpn and b"h2" in alpn and not self.config.http2:
+            if alpn and b"h2" in alpn and not self.config.options.http2:
                 alpn.remove(b"h2")
 
             ciphers_server = self.config.options.ciphers_server
@@ -595,7 +595,7 @@ class TlsLayer(base.Layer):
         use_upstream_cert = (
             self.server_conn and
             self.server_conn.tls_established and
-            (not self.config.no_upstream_cert)
+            (not self.config.options.no_upstream_cert)
         )
         if use_upstream_cert:
             upstream_cert = self.server_conn.cert
diff --git a/mitmproxy/proxy/config.py b/mitmproxy/proxy/config.py
index 6e645b99..ff133084 100644
--- a/mitmproxy/proxy/config.py
+++ b/mitmproxy/proxy/config.py
@@ -73,17 +73,10 @@ class ProxyConfig:
     def __init__(
             self,
             options,
-            no_upstream_cert=False,
             authenticator=None,
-            http2=True,
-            rawtcp=False,
-            certs=tuple(),
     ):
         self.options = options
-        self.no_upstream_cert = no_upstream_cert
 
-        self.http2 = http2
-        self.rawtcp = rawtcp
         self.authenticator = authenticator
 
         self.check_ignore = None
@@ -189,8 +182,5 @@ def process_proxy_options(parser, options, args):
 
     return ProxyConfig(
         options,
-        no_upstream_cert=args.no_upstream_cert,
-        http2=args.http2,
-        rawtcp=args.rawtcp,
         authenticator=authenticator,
     )
diff --git a/mitmproxy/proxy/root_context.py b/mitmproxy/proxy/root_context.py
index 4d6509d4..81dd625c 100644
--- a/mitmproxy/proxy/root_context.py
+++ b/mitmproxy/proxy/root_context.py
@@ -102,7 +102,7 @@ class RootContext(object):
             # expect A-Za-z
             all(65 <= x <= 90 or 97 <= x <= 122 for x in six.iterbytes(d))
         )
-        if self.config.rawtcp and not is_ascii:
+        if self.config.options.rawtcp and not is_ascii:
             return protocol.RawTCPLayer(top_layer)
 
         # 7. Assume HTTP1 by default
diff --git a/mitmproxy/web/app.py b/mitmproxy/web/app.py
index e6b95cdf..b643f97e 100644
--- a/mitmproxy/web/app.py
+++ b/mitmproxy/web/app.py
@@ -339,9 +339,9 @@ class Settings(RequestHandler):
                 mode=str(self.master.options.mode),
                 intercept=self.state.intercept_txt,
                 showhost=self.master.options.showhost,
-                no_upstream_cert=self.master.server.config.no_upstream_cert,
-                rawtcp=self.master.server.config.rawtcp,
-                http2=self.master.server.config.http2,
+                no_upstream_cert=self.master.options.no_upstream_cert,
+                rawtcp=self.master.options.rawtcp,
+                http2=self.master.options.http2,
                 anticache=self.master.options.anticache,
                 anticomp=self.master.options.anticomp,
                 stickyauth=self.master.options.stickyauth,
@@ -360,13 +360,13 @@ class Settings(RequestHandler):
                 self.master.options.showhost = v
                 update[k] = v
             elif k == "no_upstream_cert":
-                self.master.server.config.no_upstream_cert = v
+                self.master.options.no_upstream_cert = v
                 update[k] = v
             elif k == "rawtcp":
-                self.master.server.config.rawtcp = v
+                self.master.options.rawtcp = v
                 update[k] = v
             elif k == "http2":
-                self.master.server.config.http2 = v
+                self.master.options.http2 = v
                 update[k] = v
             elif k == "anticache":
                 self.master.options.anticache = v
diff --git a/test/mitmproxy/test_protocol_http2.py b/test/mitmproxy/test_protocol_http2.py
index d910ecae..e8866643 100644
--- a/test/mitmproxy/test_protocol_http2.py
+++ b/test/mitmproxy/test_protocol_http2.py
@@ -104,10 +104,9 @@ class _Http2TestBase(object):
 
     @classmethod
     def get_proxy_config(cls):
-        opts = options.Options(listen_port=0)
+        opts = options.Options(listen_port=0, no_upstream_cert=False)
         opts.cadir = os.path.join(tempfile.gettempdir(), "mitmproxy")
         d = dict(
-            no_upstream_cert=False,
             authenticator=None,
         )
         return d, opts
@@ -122,8 +121,6 @@ class _Http2TestBase(object):
         self.server.server.handle_server_event = self.handle_server_event
 
     def _setup_connection(self):
-        self.config.http2 = True
-
         client = netlib.tcp.TCPClient(("127.0.0.1", self.proxy.port))
         client.connect()
 
diff --git a/test/mitmproxy/tservers.py b/test/mitmproxy/tservers.py
index 2bfc27e8..8df30e34 100644
--- a/test/mitmproxy/tservers.py
+++ b/test/mitmproxy/tservers.py
@@ -121,12 +121,12 @@ class ProxyTestBase(object):
     def get_proxy_config(cls):
         cls.cadir = os.path.join(tempfile.gettempdir(), "mitmproxy")
         cnf = dict(
-            no_upstream_cert = cls.no_upstream_cert,
             authenticator = cls.authenticator,
         )
         return cnf, options.Options(
             listen_port=0,
             cadir=cls.cadir,
+            no_upstream_cert = cls.no_upstream_cert,
             add_upstream_certs_to_client_chain=cls.add_upstream_certs_to_client_chain
         )