diff options
| author | Aldo Cortesi <aldo@nullcube.com> | 2011-03-18 16:45:31 +1300 |
|---|---|---|
| committer | Aldo Cortesi <aldo@nullcube.com> | 2011-03-18 16:45:31 +1300 |
| commit | e22fd74d06bf646e7da95cde8f7238763f081276 (patch) | |
| tree | 46b8bd42a25a45066c80a7ed4204ac9db2777c04 /libmproxy/proxy.py | |
| parent | 3fbf343985cd1a957514ebcc54fee067c18b99ea (diff) | |
| download | mitmproxy-e22fd74d06bf646e7da95cde8f7238763f081276.tar.gz mitmproxy-e22fd74d06bf646e7da95cde8f7238763f081276.tar.bz2 mitmproxy-e22fd74d06bf646e7da95cde8f7238763f081276.zip | |
Revamp key generation.
We now create three different files in the .mitmproxy directory when a dummy CA
is made:
mitmproxy-ca.pem - the CA, including private key
mitmproxy-ca-cert.p12 - A pkcs12 version of the certificate, for distribution to Windows.
mitmproxy-ca-cert.pem - A PEM version of the certificate, for distribution to everyone else.
Diffstat (limited to 'libmproxy/proxy.py')
| -rw-r--r-- | libmproxy/proxy.py | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py index 80040a03..1f6dafa8 100644 --- a/libmproxy/proxy.py +++ b/libmproxy/proxy.py @@ -22,7 +22,7 @@ class ProxyError(Exception): return "ProxyError(%s, %s)"%(self.code, self.msg) -class Config: +class SSLConfig: def __init__(self, certfile = None, ciphers = None, cacert = None): self.certfile = certfile self.ciphers = ciphers @@ -770,11 +770,6 @@ def certificate_option_group(parser): help = "User-created SSL certificate file." ) group.add_option( - "--cacert", action="store", - type = "str", dest="cacert", default="~/.mitmproxy/ca.pem", - help = "SSL CA certificate file. Generated if it doesn't exist." - ) - group.add_option( "--ciphers", action="store", type = "str", dest="ciphers", default=None, help = "SSL ciphers." @@ -788,14 +783,15 @@ def process_certificate_option_group(parser, options): options.cert = os.path.expanduser(options.cert) if not os.path.exists(options.cert): parser.error("Manually created certificate does not exist: %s"%options.cert) - if options.cacert: - options.cacert = os.path.expanduser(options.cacert) - if not os.path.exists(options.cacert): - utils.dummy_ca(options.cacert) + + cacert = os.path.join(options.confdir, "mitmproxy-ca.pem") + cacert = os.path.expanduser(cacert) + if not os.path.exists(cacert): + utils.dummy_ca(cacert) if getattr(options, "cache", None) is not None: options.cache = os.path.expanduser(options.cache) - return Config( + return SSLConfig( certfile = options.cert, - cacert = options.cacert, + cacert = cacert, ciphers = options.ciphers ) |