6 files changed, 19 insertions, 21 deletions

diff --git a/mitmproxy/cmdline.py b/mitmproxy/cmdline.py
index 1e5064f7..cbff5ccd 100644
--- a/mitmproxy/cmdline.py
+++ b/mitmproxy/cmdline.py
@@ -16,6 +16,7 @@ from netlib.http import url
 
 APP_HOST = "mitm.it"
 APP_PORT = 80
+CA_DIR = "~/.mitmproxy"
 
 
 class ParseException(Exception):
@@ -245,8 +246,8 @@ def basic_options(parser):
     )
     parser.add_argument(
         "--cadir",
-        action="store", type=str, dest="cadir", default=config.CA_DIR,
-        help="Location of the default mitmproxy CA files. (%s)" % config.CA_DIR
+        action="store", type=str, dest="cadir", default=CA_DIR,
+        help="Location of the default mitmproxy CA files. (%s)" % CA_DIR
     )
     parser.add_argument(
         "--host",
@@ -699,8 +700,8 @@ def mitmproxy():
         usage="%(prog)s [options]",
         args_for_setting_config_path=["--conf"],
         default_config_files=[
-            os.path.join(config.CA_DIR, "common.conf"),
-            os.path.join(config.CA_DIR, "mitmproxy.conf")
+            os.path.join(CA_DIR, "common.conf"),
+            os.path.join(CA_DIR, "mitmproxy.conf")
         ],
         add_config_file_help=True,
         add_env_var_help=True
@@ -754,8 +755,8 @@ def mitmdump():
         usage="%(prog)s [options] [filter]",
         args_for_setting_config_path=["--conf"],
         default_config_files=[
-            os.path.join(config.CA_DIR, "common.conf"),
-            os.path.join(config.CA_DIR, "mitmdump.conf")
+            os.path.join(CA_DIR, "common.conf"),
+            os.path.join(CA_DIR, "mitmdump.conf")
         ],
         add_config_file_help=True,
         add_env_var_help=True
@@ -784,8 +785,8 @@ def mitmweb():
         usage="%(prog)s [options]",
         args_for_setting_config_path=["--conf"],
         default_config_files=[
-            os.path.join(config.CA_DIR, "common.conf"),
-            os.path.join(config.CA_DIR, "mitmweb.conf")
+            os.path.join(CA_DIR, "common.conf"),
+            os.path.join(CA_DIR, "mitmweb.conf")
         ],
         add_config_file_help=True,
         add_env_var_help=True
diff --git a/mitmproxy/flow/options.py b/mitmproxy/flow/options.py
index 8879b01a..d8f87133 100644
--- a/mitmproxy/flow/options.py
+++ b/mitmproxy/flow/options.py
@@ -1,6 +1,7 @@
 from __future__ import absolute_import, print_function, division
 from mitmproxy import options
 from typing import Tuple, Optional, Sequence  # noqa
+from mitmproxy import cmdline
 
 APP_HOST = "mitm.it"
 APP_PORT = 80
@@ -38,8 +39,9 @@ class Options(options.Options):
             replay_ignore_host=False,  # type: bool
 
             # Proxy options
-            listen_host = "", # type: str
-            listen_port = 8080, # type: int
+            cadir = cmdline.CA_DIR,  # type: str
+            listen_host = "",  # type: str
+            listen_port = 8080,  # type: int
     ):
         # We could replace all assignments with clever metaprogramming,
         # but type hints are a much more valueable asset.
@@ -71,6 +73,7 @@ class Options(options.Options):
         self.replay_ignore_payload_params = replay_ignore_payload_params
         self.replay_ignore_host = replay_ignore_host
 
+        self.cadir = cadir
         self.listen_host = listen_host
         self.listen_port = listen_port
 
diff --git a/mitmproxy/onboarding/app.py b/mitmproxy/onboarding/app.py
index f93b9982..e26efae8 100644
--- a/mitmproxy/onboarding/app.py
+++ b/mitmproxy/onboarding/app.py
@@ -47,7 +47,7 @@ class PEM(tornado.web.RequestHandler):
         return config.CONF_BASENAME + "-ca-cert.pem"
 
     def get(self):
-        p = os.path.join(self.request.master.server.config.cadir, self.filename)
+        p = os.path.join(self.request.master.options.cadir, self.filename)
         self.set_header("Content-Type", "application/x-x509-ca-cert")
         self.set_header(
             "Content-Disposition",
@@ -65,7 +65,7 @@ class P12(tornado.web.RequestHandler):
         return config.CONF_BASENAME + "-ca-cert.p12"
 
     def get(self):
-        p = os.path.join(self.request.master.server.config.cadir, self.filename)
+        p = os.path.join(self.request.master.options.cadir, self.filename)
         self.set_header("Content-Type", "application/x-pkcs12")
         self.set_header(
             "Content-Disposition",
diff --git a/mitmproxy/proxy/config.py b/mitmproxy/proxy/config.py
index 2f76e23c..942798f3 100644
--- a/mitmproxy/proxy/config.py
+++ b/mitmproxy/proxy/config.py
@@ -14,7 +14,6 @@ from netlib import tcp
 from netlib.http import authentication
 
 CONF_BASENAME = "mitmproxy"
-CA_DIR = "~/.mitmproxy"
 
 # We manually need to specify this, otherwise OpenSSL may select a non-HTTP2 cipher by default.
 # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=apache-2.2.15&openssl=1.0.2&hsts=yes&profile=old
@@ -60,7 +59,6 @@ class ProxyConfig:
     def __init__(
             self,
             options,
-            cadir=CA_DIR,
             clientcerts=None,
             no_upstream_cert=False,
             body_size_limit=None,
@@ -101,9 +99,8 @@ class ProxyConfig:
         self.http2 = http2
         self.rawtcp = rawtcp
         self.authenticator = authenticator
-        self.cadir = os.path.expanduser(cadir)
         self.certstore = certutils.CertStore.from_store(
-            self.cadir,
+            os.path.expanduser(options.cadir),
             CONF_BASENAME
         )
         for spec, cert in certs:
@@ -214,7 +211,6 @@ def process_proxy_options(parser, options, args):
 
     return ProxyConfig(
         options,
-        cadir=args.cadir,
         clientcerts=args.clientcerts,
         no_upstream_cert=args.no_upstream_cert,
         body_size_limit=body_size_limit,
diff --git a/test/mitmproxy/test_protocol_http2.py b/test/mitmproxy/test_protocol_http2.py
index dd81ba23..34e6656a 100644
--- a/test/mitmproxy/test_protocol_http2.py
+++ b/test/mitmproxy/test_protocol_http2.py
@@ -105,10 +105,9 @@ class _Http2TestBase(object):
     @classmethod
     def get_proxy_config(cls):
         opts = options.Options(listen_port=0)
-        cls.cadir = os.path.join(tempfile.gettempdir(), "mitmproxy")
+        opts.cadir = os.path.join(tempfile.gettempdir(), "mitmproxy")
         d = dict(
             no_upstream_cert=False,
-            cadir=cls.cadir,
             authenticator=None,
         )
         return d, opts
diff --git a/test/mitmproxy/tservers.py b/test/mitmproxy/tservers.py
index f9e1925f..ddb2922a 100644
--- a/test/mitmproxy/tservers.py
+++ b/test/mitmproxy/tservers.py
@@ -122,11 +122,10 @@ class ProxyTestBase(object):
         cls.cadir = os.path.join(tempfile.gettempdir(), "mitmproxy")
         cnf = dict(
             no_upstream_cert = cls.no_upstream_cert,
-            cadir = cls.cadir,
             authenticator = cls.authenticator,
             add_upstream_certs_to_client_chain = cls.add_upstream_certs_to_client_chain,
         )
-        return cnf, options.Options(listen_port=0)
+        return cnf, options.Options(listen_port=0, cadir=cls.cadir)
 
 
 class HTTPProxyTest(ProxyTestBase):