Merge branch 'master' of https://github.com/mitmproxy/mitmproxy

author: Maximilian Hils <git@maximilianhils.com> 2016-02-19 00:30:51 +0100
committer: Maximilian Hils <git@maximilianhils.com> 2016-02-19 00:30:51 +0100
commit: 614e2ebf299310675088bbad596badb5ffb7515e (patch)
tree: 6f21a7a591afb3586e785bbe3520dd16309ff159
parent: 2bec6a35e211422c61a5404ec6a8c7572c318b54 (diff)
parent: a635e04fbfb1623db25687bb04c022b32bd0ed2c (diff)
download: mitmproxy-614e2ebf299310675088bbad596badb5ffb7515e.tar.gz
mitmproxy-614e2ebf299310675088bbad596badb5ffb7515e.tar.bz2
mitmproxy-614e2ebf299310675088bbad596badb5ffb7515e.zip
4 files changed, 27 insertions, 17 deletions
diff --git a/mitmproxy/cmdline.py b/mitmproxy/cmdline.py
index fedd4f13..3e9fa011 100644
--- a/mitmproxy/cmdline.py
+++ b/mitmproxy/cmdline.py
@@ -362,18 +362,14 @@ def proxy_options(parser):
         action="store", type=int, dest="port", default=8080,
         help="Proxy service port."
     )
-    http2 = group.add_mutually_exclusive_group()
-    # !!!
-    # Watch out: We raise a RuntimeError in mitmproxy.proxy.config if http2 is enabled,
-    # but the OpenSSL version does not have ALPN support (which is the default on Ubuntu 14.04).
-    # Do not simply set --http2 as enabled by default.
-    # !!!
-    http2.add_argument("--http2", action="store_true", dest="http2")
-    http2.add_argument("--no-http2", action="store_false", dest="http2",
-                       help="Explicitly enable/disable experimental HTTP2 support. "
-                            "Disabled by default. "
-                            "Default value will change in a future version."
-                       )
+    group.add_argument(
+        "--no-http2",
+        action="store_false", dest="http2",
+        help="""
+            Explicitly disable HTTP/2 support.
+            If your OpenSSL version supports ALPN, HTTP/2 is enabled by default.
+        """
+    )
     rawtcp = group.add_mutually_exclusive_group()
     rawtcp.add_argument("--raw-tcp", action="store_true", dest="rawtcp")
     rawtcp.add_argument("--no-raw-tcp", action="store_false", dest="rawtcp",
diff --git a/mitmproxy/console/__init__.py b/mitmproxy/console/__init__.py
index e739ec61..f7e7b0d5 100644
--- a/mitmproxy/console/__init__.py
+++ b/mitmproxy/console/__init__.py
@@ -14,6 +14,8 @@ import traceback
 import urwid
 import weakref
 
+from netlib import tcp
+
 from .. import controller, flow, script, contentviews
 from . import flowlist, flowview, help, window, signals, options
 from . import grideditor, palettes, statusbar, palettepicker
@@ -452,6 +454,7 @@ class ConsoleMaster(flow.FlowMaster):
             signals.update_settings.send()
         self.loop.set_alarm_in(0.01, self.ticker)
 
+
     def run(self):
         self.ui = urwid.raw_display.Screen()
         self.ui.set_terminal_properties(256)
@@ -481,6 +484,14 @@ class ConsoleMaster(flow.FlowMaster):
                 sys.exit(1)
 
         self.loop.set_alarm_in(0.01, self.ticker)
+        if self.server.config.http2 and not tcp.HAS_ALPN:  # pragma: no cover
+            def http2err(*args, **kwargs):
+                signals.status_message.send(
+                    message = "HTTP/2 disabled - OpenSSL 1.0.2+ required."
+                              " Use --no-http2 to silence this warning.",
+                    expire=5
+                )
+            self.loop.set_alarm_in(0.01, http2err)
 
         # It's not clear why we need to handle this explicitly - without this,
         # mitmproxy hangs on keyboard interrupt. Remove if we ever figure it
diff --git a/mitmproxy/dump.py b/mitmproxy/dump.py
index 6dab2ddc..d7f076cf 100644
--- a/mitmproxy/dump.py
+++ b/mitmproxy/dump.py
@@ -1,9 +1,10 @@
 from __future__ import absolute_import, print_function
 import traceback
-
+import sys
 import click
 import itertools
 
+from netlib import tcp
 from netlib.http import CONTENT_MISSING
 import netlib.utils
 from . import flow, filt, contentviews
@@ -72,6 +73,11 @@ class DumpMaster(flow.FlowMaster):
 
         self.set_stream_large_bodies(options.stream_large_bodies)
 
+        if self.server.config.http2 and not tcp.HAS_ALPN:  # pragma: no cover
+            print("ALPN support missing (OpenSSL 1.0.2+ required)!\n"
+                "HTTP/2 is disabled. Use --no-http2 to silence this warning.",
+                file=sys.stderr)
+
         if options.filtstr:
             self.filt = filt.parse(options.filtstr)
         else:
diff --git a/mitmproxy/proxy/config.py b/mitmproxy/proxy/config.py
index a635ab19..490cf20c 100644
--- a/mitmproxy/proxy/config.py
+++ b/mitmproxy/proxy/config.py
@@ -56,7 +56,7 @@ class ProxyConfig:
             authenticator=None,
             ignore_hosts=tuple(),
             tcp_hosts=tuple(),
-            http2=False,
+            http2=True,
             rawtcp=False,
             ciphers_client=DEFAULT_CLIENT_CIPHERS,
             ciphers_server=None,
@@ -180,9 +180,6 @@ def process_proxy_options(parser, options):
             parser.error("Certificate file does not exist: %s" % parts[1])
         certs.append(parts)
 
-    if options.http2 and not tcp.HAS_ALPN:
-        raise RuntimeError("HTTP2 support requires OpenSSL 1.0.2 or above.")
-
     return ProxyConfig(
         host=options.addr,
         port=options.port,
author	Maximilian Hils <git@maximilianhils.com>	2016-02-19 00:30:51 +0100
committer	Maximilian Hils <git@maximilianhils.com>	2016-02-19 00:30:51 +0100
commit	614e2ebf299310675088bbad596badb5ffb7515e (patch)
tree	6f21a7a591afb3586e785bbe3520dd16309ff159
parent	2bec6a35e211422c61a5404ec6a8c7572c318b54 (diff)
parent	a635e04fbfb1623db25687bb04c022b32bd0ed2c (diff)
download	mitmproxy-614e2ebf299310675088bbad596badb5ffb7515e.tar.gz mitmproxy-614e2ebf299310675088bbad596badb5ffb7515e.tar.bz2 mitmproxy-614e2ebf299310675088bbad596badb5ffb7515e.zip