From e22fd74d06bf646e7da95cde8f7238763f081276 Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Fri, 18 Mar 2011 16:45:31 +1300
Subject: Revamp key generation.

We now create three different files in the .mitmproxy directory when a dummy CA
is made:

mitmproxy-ca.pem - the CA, including private key

mitmproxy-ca-cert.p12 - A pkcs12 version of the certificate, for distribution to Windows.

mitmproxy-ca-cert.pem - A PEM version of the certificate, for distribution to everyone else.
---
 libmproxy/proxy.py | 20 ++++++++------------
 1 file changed, 8 insertions(+), 12 deletions(-)

(limited to 'libmproxy/proxy.py')

diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py
index 80040a03..1f6dafa8 100644
--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@@ -22,7 +22,7 @@ class ProxyError(Exception):
         return "ProxyError(%s, %s)"%(self.code, self.msg)
 
 
-class Config:
+class SSLConfig:
     def __init__(self, certfile = None, ciphers = None, cacert = None):
         self.certfile = certfile
         self.ciphers = ciphers
@@ -769,11 +769,6 @@ def certificate_option_group(parser):
         type = "str", dest="cert", default=None,
         help = "User-created SSL certificate file."
     )
-    group.add_option(
-        "--cacert", action="store",
-        type = "str", dest="cacert", default="~/.mitmproxy/ca.pem",
-        help = "SSL CA certificate file. Generated if it doesn't exist."
-    )
     group.add_option(
         "--ciphers", action="store",
         type = "str", dest="ciphers", default=None,
@@ -788,14 +783,15 @@ def process_certificate_option_group(parser, options):
         options.cert = os.path.expanduser(options.cert)
         if not os.path.exists(options.cert):
             parser.error("Manually created certificate does not exist: %s"%options.cert)
-    if options.cacert:
-        options.cacert = os.path.expanduser(options.cacert)
-        if not os.path.exists(options.cacert):
-            utils.dummy_ca(options.cacert)
+
+    cacert = os.path.join(options.confdir, "mitmproxy-ca.pem")
+    cacert = os.path.expanduser(cacert)
+    if not os.path.exists(cacert):
+        utils.dummy_ca(cacert)
     if getattr(options, "cache", None) is not None:
         options.cache = os.path.expanduser(options.cache)
-    return Config(
+    return SSLConfig(
         certfile = options.cert,
-        cacert = options.cacert,
+        cacert = cacert,
         ciphers = options.ciphers
     )
-- 
cgit v1.2.3