ProxyConfig: tcp_hosts and ignore_hosts to Options
This commit is contained in:
parent
98bf544664
commit
77bf092bcd
|
@ -240,10 +240,12 @@ def get_common_options(args):
|
|||
replay_ignore_payload_params=args.replay_ignore_payload_params,
|
||||
replay_ignore_host=args.replay_ignore_host,
|
||||
|
||||
add_upstream_certs_to_client_chain = args.add_upstream_certs_to_client_chain,
|
||||
body_size_limit = body_size_limit,
|
||||
cadir = args.cadir,
|
||||
certs = certs,
|
||||
clientcerts = args.clientcerts,
|
||||
ignore_hosts = args.ignore_hosts,
|
||||
listen_host = args.addr,
|
||||
listen_port = args.port,
|
||||
mode = mode,
|
||||
|
@ -254,7 +256,7 @@ def get_common_options(args):
|
|||
ssl_verify_upstream_cert = args.ssl_verify_upstream_cert,
|
||||
ssl_verify_upstream_trusted_cadir = args.ssl_verify_upstream_trusted_cadir,
|
||||
ssl_verify_upstream_trusted_ca = args.ssl_verify_upstream_trusted_ca,
|
||||
add_upstream_certs_to_client_chain = args.add_upstream_certs_to_client_chain,
|
||||
tcp_hosts = args.tcp_hosts,
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -39,10 +39,12 @@ class Options(options.Options):
|
|||
replay_ignore_host=False, # type: bool
|
||||
|
||||
# Proxy options
|
||||
add_upstream_certs_to_client_chain=False, # type: bool
|
||||
body_size_limit=None, # type: Optional[int]
|
||||
cadir = cmdline.CA_DIR, # type: str
|
||||
certs = (), # type: Sequence[Tuple[str, str]]
|
||||
clientcerts = None, # type: Optional[str]
|
||||
ignore_hosts = (), # type: Sequence[str]
|
||||
listen_host = "", # type: str
|
||||
listen_port = 8080, # type: int
|
||||
mode = "regular", # type: str
|
||||
|
@ -53,7 +55,7 @@ class Options(options.Options):
|
|||
ssl_verify_upstream_cert=False, # type: bool
|
||||
ssl_verify_upstream_trusted_cadir=None, # type: str
|
||||
ssl_verify_upstream_trusted_ca=None, # type: str
|
||||
add_upstream_certs_to_client_chain=False, # type: bool
|
||||
tcp_hosts = (), # type: Sequence[str]
|
||||
):
|
||||
# We could replace all assignments with clever metaprogramming,
|
||||
# but type hints are a much more valueable asset.
|
||||
|
@ -86,10 +88,12 @@ class Options(options.Options):
|
|||
self.replay_ignore_host = replay_ignore_host
|
||||
|
||||
# Proxy options
|
||||
self.add_upstream_certs_to_client_chain = add_upstream_certs_to_client_chain
|
||||
self.body_size_limit = body_size_limit
|
||||
self.cadir = cadir
|
||||
self.certs = certs
|
||||
self.clientcerts = clientcerts
|
||||
self.ignore_hosts = ignore_hosts
|
||||
self.listen_host = listen_host
|
||||
self.listen_port = listen_port
|
||||
self.mode = mode
|
||||
|
@ -100,5 +104,5 @@ class Options(options.Options):
|
|||
self.ssl_verify_upstream_cert = ssl_verify_upstream_cert
|
||||
self.ssl_verify_upstream_trusted_cadir = ssl_verify_upstream_trusted_cadir
|
||||
self.ssl_verify_upstream_trusted_ca = ssl_verify_upstream_trusted_ca
|
||||
self.add_upstream_certs_to_client_chain = add_upstream_certs_to_client_chain
|
||||
self.tcp_hosts = tcp_hosts
|
||||
super(Options, self).__init__()
|
||||
|
|
|
@ -87,8 +87,6 @@ class ProxyConfig:
|
|||
options,
|
||||
no_upstream_cert=False,
|
||||
authenticator=None,
|
||||
ignore_hosts=tuple(),
|
||||
tcp_hosts=tuple(),
|
||||
http2=True,
|
||||
rawtcp=False,
|
||||
ciphers_client=DEFAULT_CLIENT_CIPHERS,
|
||||
|
@ -100,8 +98,6 @@ class ProxyConfig:
|
|||
self.ciphers_server = ciphers_server
|
||||
self.no_upstream_cert = no_upstream_cert
|
||||
|
||||
self.check_ignore = HostMatcher(ignore_hosts)
|
||||
self.check_tcp = HostMatcher(tcp_hosts)
|
||||
self.http2 = http2
|
||||
self.rawtcp = rawtcp
|
||||
self.authenticator = authenticator
|
||||
|
@ -116,12 +112,17 @@ class ProxyConfig:
|
|||
else:
|
||||
self.openssl_verification_mode_server = SSL.VERIFY_NONE
|
||||
|
||||
self.check_ignore = None
|
||||
self.check_tcp = None
|
||||
self.certstore = None
|
||||
self.clientcerts = None
|
||||
self.configure(options)
|
||||
options.changed.connect(self.configure)
|
||||
|
||||
def configure(self, options):
|
||||
self.check_ignore = HostMatcher(options.ignore_hosts)
|
||||
self.check_tcp = HostMatcher(options.tcp_hosts)
|
||||
|
||||
certstore_path = os.path.expanduser(options.cadir)
|
||||
if not os.path.exists(os.path.dirname(certstore_path)):
|
||||
raise exceptions.OptionsError(
|
||||
|
@ -204,8 +205,6 @@ def process_proxy_options(parser, options, args):
|
|||
return ProxyConfig(
|
||||
options,
|
||||
no_upstream_cert=args.no_upstream_cert,
|
||||
ignore_hosts=args.ignore_hosts,
|
||||
tcp_hosts=args.tcp_hosts,
|
||||
http2=args.http2,
|
||||
rawtcp=args.rawtcp,
|
||||
authenticator=authenticator,
|
||||
|
|
Loading…
Reference in New Issue