authorMaximilian Hils <git@maximilianhils.com>2015-03-02 14:35:50 +0100
committerMaximilian Hils <git@maximilianhils.com>2015-03-02 14:35:50 +0100
commit75ba0a92e4dd0f331505f450d6baa89b18abe2f2 (patch)
treeee5225733a807d8f34fec9c0c46076a0b689c76d /libmproxy
parent7cf1ec7435d6893555152136fcd346eb9bec5fbc (diff)
do some housekeeping
Diffstat (limited to 'libmproxy')
-rw-r--r--libmproxy/proxy/config.py60
-rw-r--r--libmproxy/proxy/server.py18
2 files changed, 39 insertions, 39 deletions
diff --git a/libmproxy/proxy/config.py b/libmproxy/proxy/config.py
index a4765852..dfde2958 100644
--- a/libmproxy/proxy/config.py
+++ b/libmproxy/proxy/config.py
@@ -45,8 +45,8 @@ class ProxyConfig:
authenticator=None,
ignore_hosts=[],
tcp_hosts=[],
- client_ciphers=None,
- server_ciphers=None,
+ ciphers_client=None,
+ ciphers_server=None,
certs=[],
certforward=False,
ssl_version_client="secure",
@@ -56,8 +56,8 @@ class ProxyConfig:
self.host = host
self.port = port
self.server_version = server_version
- self.client_ciphers = client_ciphers
- self.server_ciphers = server_ciphers
+ self.ciphers_client = ciphers_client
+ self.ciphers_server = ciphers_server
self.clientcerts = clientcerts
self.no_upstream_cert = no_upstream_cert
self.body_size_limit = body_size_limit
@@ -85,8 +85,8 @@ class ProxyConfig:
for spec, cert in certs:
self.certstore.add_cert_file(spec, cert)
self.certforward = certforward
- self.openssl_client_method, self.openssl_client_options = version_to_openssl(ssl_version_client)
- self.openssl_server_method, self.openssl_server_options = version_to_openssl(ssl_version_server)
+ self.openssl_method_client, self.openssl_options_client = version_to_openssl(ssl_version_client)
+ self.openssl_method_server, self.openssl_options_server = version_to_openssl(ssl_version_server)
self.ssl_ports = ssl_ports
@@ -190,8 +190,8 @@ def process_proxy_options(parser, options):
ignore_hosts=options.ignore_hosts,
tcp_hosts=options.tcp_hosts,
authenticator=authenticator,
- client_ciphers=options.client_ciphers,
- server_ciphers=options.server_ciphers,
+ ciphers_client=options.ciphers_client,
+ ciphers_server=options.ciphers_server,
certs=certs,
certforward=options.certforward,
ssl_version_client=options.ssl_version_client,
@@ -213,24 +213,35 @@ def ssl_option_group(parser):
'Can be passed multiple times.'
)
group.add_argument(
+ "--cert-forward", action="store_true",
+ dest="certforward", default=False,
+ help="Simply forward SSL certificates from upstream."
+ )
+ group.add_argument(
+ "--ciphers-client", action="store",
+ type=str, dest="ciphers_client", default=None,
+ help="Set supported ciphers for client connections. (OpenSSL Syntax)"
+ )
+ group.add_argument(
+ "--ciphers-server", action="store",
+ type=str, dest="ciphers_server", default=None,
+ help="Set supported ciphers for server connections. (OpenSSL Syntax)"
+ )
+ group.add_argument(
"--client-certs", action="store",
type=str, dest="clientcerts", default=None,
help="Client certificate directory."
)
group.add_argument(
- "--client-ciphers", action="store",
- type=str, dest="client_ciphers", default=None,
- help="Client facing SSL cipher specification."
- )
- group.add_argument(
- "--server-ciphers", action="store",
- type=str, dest="server_ciphers", default=None,
- help="Server facing SSL cipher specification."
+ "--no-upstream-cert", default=False,
+ action="store_true", dest="no_upstream_cert",
+ help="Don't connect to upstream server to look up certificate details."
)
group.add_argument(
- "--cert-forward", action="store_true",
- dest="certforward", default=False,
- help="Simply forward SSL certificates from upstream."
+ "--ssl-port", action="append", type=int, dest="ssl_ports", default=list(TRANSPARENT_SSL_PORTS),
+ metavar="PORT",
+ help="Can be passed multiple times. Specify destination ports which are assumed to be SSL. "
+ "Defaults to %s." % str(TRANSPARENT_SSL_PORTS)
)
group.add_argument(
"--ssl-version-client", dest="ssl_version_client",
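Review bot: The `--ssl-port` help text relocated in this hunk reads as if passing the flag replaces the default ports, but with `action="append"` and a list `default` argparse appends the given ports to the defaults, so every entry of `TRANSPARENT_SSL_PORTS` is still treated as SSL. I would say so in the help, e.g. `help="Can be passed multiple times. Destination ports assumed to be SSL, in addition to the defaults %s." % str(TRANSPARENT_SSL_PORTS)`. Separately, `--client-ciphers` and `--server-ciphers` are dropped without an alias, so a wrapper script that pins a cipher list under the old spelling would presumably stop at argument parsing; if that matters, the old name can stay as a second option string, `"--ciphers-client", "--client-ciphers", action="store",`. ssl_option_group starts and ends outside this hunk.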
@@ -246,14 +257,3 @@ def ssl_option_group(parser):
help="Set supported SSL/TLS version for server connections. "
"SSLv2, SSLv3 and 'all' are INSECURE. Defaults to secure."
)
- group.add_argument(
- "--no-upstream-cert", default=False,
- action="store_true", dest="no_upstream_cert",
- help="Don't connect to upstream server to look up certificate details."
- )
- group.add_argument(
- "--ssl-port", action="append", type=int, dest="ssl_ports", default=list(TRANSPARENT_SSL_PORTS),
- metavar="PORT",
- help="Can be passed multiple times. Specify destination ports which are assumed to be SSL. "
- "Defaults to %s." % str(TRANSPARENT_SSL_PORTS)
- )
diff --git a/libmproxy/proxy/server.py b/libmproxy/proxy/server.py
index cb6d3c70..896dd024 100644
--- a/libmproxy/proxy/server.py
+++ b/libmproxy/proxy/server.py
@@ -187,9 +187,9 @@ class ConnectionHandler:
self.server_conn.establish_ssl(
self.config.clientcerts,
sni,
- method=self.config.openssl_server_method,
- options=self.config.openssl_server_options,
- cipher_list=self.config.server_ciphers,
+ method=self.config.openssl_method_server,
+ options=self.config.openssl_options_server,
+ cipher_list=self.config.ciphers_server,
)
except tcp.NetLibError as v:
e = ProxyError(502, repr(v))
@@ -208,10 +208,10 @@ class ConnectionHandler:
try:
self.client_conn.convert_to_ssl(
cert, key,
- method=self.config.openssl_client_method,
- options=self.config.openssl_client_options,
+ method=self.config.openssl_method_client,
+ options=self.config.openssl_options_client,
handle_sni=self.handle_sni,
- cipher_list=self.config.client_ciphers,
+ cipher_list=self.config.ciphers_client,
dhparams=self.config.certstore.dhparams,
chain_file=chain_file
)
@@ -297,9 +297,9 @@ class ConnectionHandler:
cert, key, chain_file = self.find_cert()
new_context = self.client_conn._create_ssl_context(
cert, key,
- method=self.config.openssl_client_method,
- options=self.config.openssl_client_options,
- cipher_list=self.config.client_ciphers,
+ method=self.config.openssl_method_client,
+ options=self.config.openssl_options_client,
+ cipher_list=self.config.ciphers_client,
dhparams=self.config.certstore.dhparams,
chain_file=chain_file
)