[docs/libmproxy/test] Support single client-side cert file as argument to

--client-certs
author: Michael J. Bazzinotti <mbazzinotti@gmail.com> 2015-12-28 15:20:45 -0500
committer: Michael J. Bazzinotti <mbazzinotti@gmail.com> 2015-12-28 15:20:45 -0500
commit: 80690b79062c739fc8adfc725d39a68d4b65b43a (patch)
tree: e80e05eff05a690a0c7d76ba36b46cb4329c631f /libmproxy
parent: 6391b05ef1b92585765eb77e352921ec61b65020 (diff)
download: mitmproxy-80690b79062c739fc8adfc725d39a68d4b65b43a.tar.gz
mitmproxy-80690b79062c739fc8adfc725d39a68d4b65b43a.tar.bz2
mitmproxy-80690b79062c739fc8adfc725d39a68d4b65b43a.zip
3 files changed, 14 insertions, 9 deletions
diff --git a/libmproxy/cmdline.py b/libmproxy/cmdline.py
index 16678486..99b76e68 100644
--- a/libmproxy/cmdline.py
+++ b/libmproxy/cmdline.py
@@ -407,7 +407,7 @@ def proxy_ssl_options(parser):
     group.add_argument(
         "--client-certs", action="store",
         type=str, dest="clientcerts", default=None,
-        help="Client certificate directory."
+        help="Client certificate file or directory."
     )
     group.add_argument(
         "--no-upstream-cert", default=False,
diff --git a/libmproxy/models/connections.py b/libmproxy/models/connections.py
index 3aa522ea..0991955d 100644
--- a/libmproxy/models/connections.py
+++ b/libmproxy/models/connections.py
@@ -174,11 +174,14 @@ class ServerConnection(tcp.TCPClient, stateobject.StateObject):
     def establish_ssl(self, clientcerts, sni, **kwargs):
         clientcert = None
         if clientcerts:
-            path = os.path.join(
-                clientcerts,
-                self.address.host.encode("idna")) + ".pem"
-            if os.path.exists(path):
-                clientcert = path
+            if os.path.isfile(clientcerts):
+                clientcert = clientcerts
+            else:
+                path = os.path.join(
+                    clientcerts,
+                    self.address.host.encode("idna")) + ".pem"
+                if os.path.exists(path):
+                    clientcert = path
 
         self.convert_to_ssl(cert=clientcert, sni=sni, **kwargs)
         self.sni = sni
diff --git a/libmproxy/proxy/config.py b/libmproxy/proxy/config.py
index c7b51311..f06e55ca 100644
--- a/libmproxy/proxy/config.py
+++ b/libmproxy/proxy/config.py
@@ -133,10 +133,12 @@ def process_proxy_options(parser, options):
 
     if options.clientcerts:
         options.clientcerts = os.path.expanduser(options.clientcerts)
-        if not os.path.exists(options.clientcerts) or not os.path.isdir(options.clientcerts):
+        if not (os.path.exists(options.clientcerts) or
+                os.path.isdir(options.clientcerts) or
+                os.path.isfile(options.clientcerts)):
             return parser.error(
-                "Client certificate directory does not exist or is not a directory: %s" %
-                options.clientcerts
+                "Client certificate argument is not a file or directory, "
+                "or does not exist: %s" % options.clientcerts
             )
 
     if options.auth_nonanonymous or options.auth_singleuser or options.auth_htpasswd:
author	Michael J. Bazzinotti <mbazzinotti@gmail.com>	2015-12-28 15:20:45 -0500
committer	Michael J. Bazzinotti <mbazzinotti@gmail.com>	2015-12-28 15:20:45 -0500
commit	80690b79062c739fc8adfc725d39a68d4b65b43a (patch)
tree	e80e05eff05a690a0c7d76ba36b46cb4329c631f /libmproxy
parent	6391b05ef1b92585765eb77e352921ec61b65020 (diff)
download	mitmproxy-80690b79062c739fc8adfc725d39a68d4b65b43a.tar.gz mitmproxy-80690b79062c739fc8adfc725d39a68d4b65b43a.tar.bz2 mitmproxy-80690b79062c739fc8adfc725d39a68d4b65b43a.zip