ProxyConfig: Refactor to move verification mode checks into configure

1 files changed, 11 insertions, 10 deletions

diff --git a/mitmproxy/proxy/config.py b/mitmproxy/proxy/config.py
index 58c7d1c6..2bf044a0 100644
--- a/mitmproxy/proxy/config.py
+++ b/mitmproxy/proxy/config.py
@@ -102,27 +102,28 @@ class ProxyConfig:
         self.rawtcp = rawtcp
         self.authenticator = authenticator
 
-        self.openssl_method_client, self.openssl_options_client = \
-            tcp.sslversion_choices[options.ssl_version_client]
-        self.openssl_method_server, self.openssl_options_server = \
-            tcp.sslversion_choices[options.ssl_version_server]
-
-        if options.ssl_verify_upstream_cert:
-            self.openssl_verification_mode_server = SSL.VERIFY_PEER
-        else:
-            self.openssl_verification_mode_server = SSL.VERIFY_NONE
-
         self.check_ignore = None
         self.check_tcp = None
         self.certstore = None
         self.clientcerts = None
+        self.openssl_verification_mode_server = None
         self.configure(options)
         options.changed.connect(self.configure)
 
     def configure(self, options):
+        if options.ssl_verify_upstream_cert:
+            self.openssl_verification_mode_server = SSL.VERIFY_PEER
+        else:
+            self.openssl_verification_mode_server = SSL.VERIFY_NONE
+
         self.check_ignore = HostMatcher(options.ignore_hosts)
         self.check_tcp = HostMatcher(options.tcp_hosts)
 
+        self.openssl_method_client, self.openssl_options_client = \
+            tcp.sslversion_choices[options.ssl_version_client]
+        self.openssl_method_server, self.openssl_options_server = \
+            tcp.sslversion_choices[options.ssl_version_server]
+
         certstore_path = os.path.expanduser(options.cadir)
         if not os.path.exists(os.path.dirname(certstore_path)):
             raise exceptions.OptionsError(