authorAldo Cortesi <aldo@nullcube.com>2013-01-05 16:48:49 +1300
committerAldo Cortesi <aldo@nullcube.com>2013-01-05 16:48:49 +1300
commit1e932e704577ff8159f93d424d4b7041dec29eea (patch)
tree0e44bc0b17af293a4721978cd3223cf48efca625
parent3886ccae9379d065e54e0eb7e961992ff3c0ee62 (diff)
Collect SSL options into an SSLOptions object
Also split SSL cert specifications from SSL service mode - we can now enter SSL service mode through a proxy CONNECT request as well.
-rw-r--r--libpathod/pathod.py18
-rw-r--r--libpathod/test.py10
-rwxr-xr-xpathod20
3 files changed, 23 insertions, 25 deletions
diff --git a/libpathod/pathod.py b/libpathod/pathod.py
index 587e51bf..48aa076f 100644
--- a/libpathod/pathod.py
+++ b/libpathod/pathod.py
@@ -8,6 +8,13 @@ logger = logging.getLogger('pathod')
class PathodError(Exception): pass
+class SSLOptions:
+ def __init__(self, certfile=None, keyfile=None, not_after_connect=None):
+ self.keyfile = keyfile or utils.data.path("resources/server.key")
+ self.certfile = certfile or utils.data.path("resources/server.crt")
+ self.not_after_connect = not_after_connect
+
+
class PathodHandler(tcp.BaseHandler):
wbufsize = 0
sni = None
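Review bot: `SSLOptions.__init__` falls back for `keyfile` and `certfile` independently, so a library caller who passes only one of them gets that file paired with the bundled `resources/server.*` counterpart, and the mismatch would presumably surface only when `convert_to_ssl` is called. The command-line script rejects a lone `--certfile` or `--keyfile`, but that check does not cover direct use of the class; a guard such as `if bool(certfile) != bool(keyfile): raise ValueError("certfile and keyfile must be given together")` would keep the two paths consistent. A short docstring should also state that the defaults are the key pair shipped with the package, which anyone can obtain, so they are suitable for test traffic only. As a smaller point, `class SSLOptions:` is an old-style class under Python 2; `class SSLOptions(object):` is the usual form.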
@@ -144,11 +151,11 @@ class PathodHandler(tcp.BaseHandler):
self.info("\n".join(s))
def handle(self):
- if self.server.ssloptions and not self.server.ssloptions["ssl_after_connect"]:
+ if self.server.ssl:
try:
self.convert_to_ssl(
- self.server.ssloptions["certfile"],
- self.server.ssloptions["keyfile"],
+ self.server.ssloptions.certfile,
+ self.server.ssloptions.keyfile,
)
except tcp.NetLibError, v:
s = str(v)
@@ -182,7 +189,7 @@ class PathodHandler(tcp.BaseHandler):
class Pathod(tcp.TCPServer):
LOGBUF = 500
def __init__( self,
- addr, ssloptions=None, craftanchor="/p/", staticdir=None, anchors=None,
+ addr, ssl=False, ssloptions=None, craftanchor="/p/", staticdir=None, anchors=None,
sizelimit=None, noweb=False, nocraft=False, noapi=False, nohang=False,
timeout=None, logreq=False, logresp=False, explain=False, hexdump=False
):
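Review bot: Inserting `ssl=False` as the second parameter of `Pathod.__init__` shifts `ssloptions` one position to the right, so an existing caller that passed the options positionally now sets `ssl` to a truthy object and silently runs with the default `SSLOptions()`. Appending the new parameter after the existing ones, or keeping `ssloptions` in second place, avoids that. A caller that still passes the old dict by keyword is accepted too and would fail only later, at `self.server.ssloptions.certfile` in `handle()`; a type check in `__init__` would surface this at construction time. The docstring, which starts outside this hunk, should gain entries for `ssl` and `ssloptions`.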
@@ -199,7 +206,8 @@ class Pathod(tcp.TCPServer):
nohang: Disable pauses.
"""
tcp.TCPServer.__init__(self, addr)
- self.ssloptions = ssloptions
+ self.ssl = ssl
+ self.ssloptions = ssloptions or SSLOptions()
self.staticdir = staticdir
self.craftanchor = craftanchor
self.sizelimit = sizelimit
diff --git a/libpathod/test.py b/libpathod/test.py
index 22dc035d..5ff7180c 100644
--- a/libpathod/test.py
+++ b/libpathod/test.py
@@ -71,17 +71,9 @@ class _PaThread(threading.Thread):
self.daemonargs = daemonargs
def run(self):
- if self.ssl is True:
- ssloptions = dict(
- keyfile = utils.data.path("resources/server.key"),
- certfile = utils.data.path("resources/server.crt"),
- ssl_after_connect = False
- )
- else:
- ssloptions = self.ssl
self.server = pathod.Pathod(
(self.iface, 0),
- ssloptions = ssloptions,
+ ssl = self.ssl,
**self.daemonargs
)
self.q.put(self.server.port)
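Review bot: `run()` used to forward any value of `self.ssl` other than `True` as `ssloptions`, so a caller could hand in its own certificate settings; with `ssl = self.ssl` such a value now only switches SSL on (it is truthy) and the server falls back to the default `SSLOptions()`. Whether any caller passes a dict is not visible here, but if one does, its test now runs against the bundled certificate without any error. Coercing with `ssl = bool(self.ssl)` and documenting that custom options travel through `daemonargs` as `ssloptions=` would make the new contract explicit. `run()` may continue past the end of the hunk.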
diff --git a/pathod b/pathod
index 685352ba..29f59193 100755
--- a/pathod
+++ b/pathod
@@ -35,14 +35,11 @@ def main(parser, args):
if any(sl) and not all(sl):
parser.error("Both --certfile and --keyfile must be specified.")
- if args.ssl:
- ssloptions = dict(
- keyfile = args.ssl_keyfile or utils.data.path("resources/server.key"),
- certfile = args.ssl_certfile or utils.data.path("resources/server.crt"),
- ssl_after_connect = args.ssl_after_connect
- )
- else:
- ssloptions = None
+ ssloptions = pathod.SSLOptions(
+ keyfile = args.ssl_keyfile,
+ certfile = args.ssl_certfile,
+ not_after_connect = args.ssl_not_after_connect
+ )
alst = []
for i in args.anchors:
@@ -82,6 +79,7 @@ def main(parser, args):
pd = pathod.Pathod(
(args.address, args.port),
craftanchor = args.craftanchor,
+ ssl = args.ssl,
ssloptions = ssloptions,
staticdir = args.staticdir,
anchors = alst,
@@ -158,12 +156,12 @@ if __name__ == "__main__":
'SSL',
)
group.add_argument(
- "-C", dest='ssl_after_connect', default=False, action="store_true",
- help='Expect SSL after a CONNECT request.'
+ "-C", dest='ssl_not_after_connect', default=False, action="store_true",
+ help="Don't expect SSL after a CONNECT request."
)
group.add_argument(
"-s", dest='ssl', default=False, action="store_true",
- help='Serve with SSL.'
+ help='Run in HTTPS mode.'
)
group.add_argument(
"--keyfile", dest='ssl_keyfile', default=None, type=str,
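Review bot: `-C` keeps its letter but its meaning is inverted, from "Expect SSL after a CONNECT request" to "Don't expect SSL after a CONNECT request", so an existing invocation that passes `-C` now requests the opposite behaviour without any error. A new option letter, or a changelog entry calling out the break, would avoid silent misconfiguration. In addition, none of the visible hunks reads `ssloptions.not_after_connect` (the old `ssl_after_connect` test in `handle()` was replaced by `if self.server.ssl:`), so unless the CONNECT path outside these hunks consults it, the flag has no effect as of this commit. The `--keyfile` `add_argument` call at the end of the hunk is cut off.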