enable HTTP/2 by default if available

author: Thomas Kriechbaumer <thomas@kriechbaumer.name> 2016-02-17 23:46:44 +0100
committer: Thomas Kriechbaumer <thomas@kriechbaumer.name> 2016-02-18 23:53:53 +0100
commit: 7d2c7efa575a7338ed5402972ae8772be4b0298d (patch)
tree: 11930c293ffea532eaf73bed5c9bbf454f06e1b3 /mitmproxy
parent: 7c6bf7abb3c0e94f9c4dfa77fe0690fe11c6d4d3 (diff)
download: mitmproxy-7d2c7efa575a7338ed5402972ae8772be4b0298d.tar.gz
mitmproxy-7d2c7efa575a7338ed5402972ae8772be4b0298d.tar.bz2
mitmproxy-7d2c7efa575a7338ed5402972ae8772be4b0298d.zip
4 files changed, 26 insertions, 17 deletions
diff --git a/mitmproxy/cmdline.py b/mitmproxy/cmdline.py
index fedd4f13..3e9fa011 100644
--- a/mitmproxy/cmdline.py
+++ b/mitmproxy/cmdline.py
@@ -362,18 +362,14 @@ def proxy_options(parser):
         action="store", type=int, dest="port", default=8080,
         help="Proxy service port."
     )
-    http2 = group.add_mutually_exclusive_group()
-    # !!!
-    # Watch out: We raise a RuntimeError in mitmproxy.proxy.config if http2 is enabled,
-    # but the OpenSSL version does not have ALPN support (which is the default on Ubuntu 14.04).
-    # Do not simply set --http2 as enabled by default.
-    # !!!
-    http2.add_argument("--http2", action="store_true", dest="http2")
-    http2.add_argument("--no-http2", action="store_false", dest="http2",
-                       help="Explicitly enable/disable experimental HTTP2 support. "
-                            "Disabled by default. "
-                            "Default value will change in a future version."
-                       )
+    group.add_argument(
+        "--no-http2",
+        action="store_false", dest="http2",
+        help="""
+            Explicitly disable HTTP/2 support.
+            If your OpenSSL version supports ALPN, HTTP/2 is enabled by default.
+        """
+    )
     rawtcp = group.add_mutually_exclusive_group()
     rawtcp.add_argument("--raw-tcp", action="store_true", dest="rawtcp")
     rawtcp.add_argument("--no-raw-tcp", action="store_false", dest="rawtcp",
diff --git a/mitmproxy/console/__init__.py b/mitmproxy/console/__init__.py
index e739ec61..c6b91e16 100644
--- a/mitmproxy/console/__init__.py
+++ b/mitmproxy/console/__init__.py
@@ -14,6 +14,8 @@ import traceback
 import urwid
 import weakref
 
+from netlib import tcp
+
 from .. import controller, flow, script, contentviews
 from . import flowlist, flowview, help, window, signals, options
 from . import grideditor, palettes, statusbar, palettepicker
@@ -452,6 +454,14 @@ class ConsoleMaster(flow.FlowMaster):
             signals.update_settings.send()
         self.loop.set_alarm_in(0.01, self.ticker)
 
+        if not hasattr(self, 'http2_error_shown') and self.server.config.http2 and not tcp.HAS_ALPN:  # pragma: no cover
+            self.http2_error_shown = True
+            signals.status_message.send(
+                message="ALPN support missing (OpenSSL 1.0.2+ required). "
+                        "HTTP/2 is disabled. Use --no-http2 to silence this warning.",
+                expire=5
+            )
+
     def run(self):
         self.ui = urwid.raw_display.Screen()
         self.ui.set_terminal_properties(256)
diff --git a/mitmproxy/dump.py b/mitmproxy/dump.py
index 6dab2ddc..d7f076cf 100644
--- a/mitmproxy/dump.py
+++ b/mitmproxy/dump.py
@@ -1,9 +1,10 @@
 from __future__ import absolute_import, print_function
 import traceback
-
+import sys
 import click
 import itertools
 
+from netlib import tcp
 from netlib.http import CONTENT_MISSING
 import netlib.utils
 from . import flow, filt, contentviews
@@ -72,6 +73,11 @@ class DumpMaster(flow.FlowMaster):
 
         self.set_stream_large_bodies(options.stream_large_bodies)
 
+        if self.server.config.http2 and not tcp.HAS_ALPN:  # pragma: no cover
+            print("ALPN support missing (OpenSSL 1.0.2+ required)!\n"
+                "HTTP/2 is disabled. Use --no-http2 to silence this warning.",
+                file=sys.stderr)
+
         if options.filtstr:
             self.filt = filt.parse(options.filtstr)
         else:
diff --git a/mitmproxy/proxy/config.py b/mitmproxy/proxy/config.py
index a635ab19..490cf20c 100644
--- a/mitmproxy/proxy/config.py
+++ b/mitmproxy/proxy/config.py
@@ -56,7 +56,7 @@ class ProxyConfig:
             authenticator=None,
             ignore_hosts=tuple(),
             tcp_hosts=tuple(),
-            http2=False,
+            http2=True,
             rawtcp=False,
             ciphers_client=DEFAULT_CLIENT_CIPHERS,
             ciphers_server=None,
@@ -180,9 +180,6 @@ def process_proxy_options(parser, options):
             parser.error("Certificate file does not exist: %s" % parts[1])
         certs.append(parts)
 
-    if options.http2 and not tcp.HAS_ALPN:
-        raise RuntimeError("HTTP2 support requires OpenSSL 1.0.2 or above.")
-
     return ProxyConfig(
         host=options.addr,
         port=options.port,
author	Thomas Kriechbaumer <thomas@kriechbaumer.name>	2016-02-17 23:46:44 +0100
committer	Thomas Kriechbaumer <thomas@kriechbaumer.name>	2016-02-18 23:53:53 +0100
commit	7d2c7efa575a7338ed5402972ae8772be4b0298d (patch)
tree	11930c293ffea532eaf73bed5c9bbf454f06e1b3 /mitmproxy
parent	7c6bf7abb3c0e94f9c4dfa77fe0690fe11c6d4d3 (diff)
download	mitmproxy-7d2c7efa575a7338ed5402972ae8772be4b0298d.tar.gz mitmproxy-7d2c7efa575a7338ed5402972ae8772be4b0298d.tar.bz2 mitmproxy-7d2c7efa575a7338ed5402972ae8772be4b0298d.zip