From 77bf092bcd324edd68cffd9f5018198bca938e8a Mon Sep 17 00:00:00 2001 From: Aldo Cortesi Date: Tue, 19 Jul 2016 12:32:26 +1200 Subject: [PATCH] ProxyConfig: tcp_hosts and ignore_hosts to Options --- mitmproxy/cmdline.py | 4 +++- mitmproxy/flow/options.py | 8 ++++++-- mitmproxy/proxy/config.py | 11 +++++------ 3 files changed, 14 insertions(+), 9 deletions(-) diff --git a/mitmproxy/cmdline.py b/mitmproxy/cmdline.py index 735088712..b15e04278 100644 --- a/mitmproxy/cmdline.py +++ b/mitmproxy/cmdline.py @@ -240,10 +240,12 @@ def get_common_options(args): replay_ignore_payload_params=args.replay_ignore_payload_params, replay_ignore_host=args.replay_ignore_host, + add_upstream_certs_to_client_chain = args.add_upstream_certs_to_client_chain, body_size_limit = body_size_limit, cadir = args.cadir, certs = certs, clientcerts = args.clientcerts, + ignore_hosts = args.ignore_hosts, listen_host = args.addr, listen_port = args.port, mode = mode, @@ -254,7 +256,7 @@ def get_common_options(args): ssl_verify_upstream_cert = args.ssl_verify_upstream_cert, ssl_verify_upstream_trusted_cadir = args.ssl_verify_upstream_trusted_cadir, ssl_verify_upstream_trusted_ca = args.ssl_verify_upstream_trusted_ca, - add_upstream_certs_to_client_chain = args.add_upstream_certs_to_client_chain, + tcp_hosts = args.tcp_hosts, ) diff --git a/mitmproxy/flow/options.py b/mitmproxy/flow/options.py index 31150b556..78268b897 100644 --- a/mitmproxy/flow/options.py +++ b/mitmproxy/flow/options.py @@ -39,10 +39,12 @@ class Options(options.Options): replay_ignore_host=False, # type: bool # Proxy options + add_upstream_certs_to_client_chain=False, # type: bool body_size_limit=None, # type: Optional[int] cadir = cmdline.CA_DIR, # type: str certs = (), # type: Sequence[Tuple[str, str]] clientcerts = None, # type: Optional[str] + ignore_hosts = (), # type: Sequence[str] listen_host = "", # type: str listen_port = 8080, # type: int mode = "regular", # type: str @@ -53,7 +55,7 @@ class Options(options.Options): ssl_verify_upstream_cert=False, # type: bool ssl_verify_upstream_trusted_cadir=None, # type: str ssl_verify_upstream_trusted_ca=None, # type: str - add_upstream_certs_to_client_chain=False, # type: bool + tcp_hosts = (), # type: Sequence[str] ): # We could replace all assignments with clever metaprogramming, # but type hints are a much more valueable asset. @@ -86,10 +88,12 @@ class Options(options.Options): self.replay_ignore_host = replay_ignore_host # Proxy options + self.add_upstream_certs_to_client_chain = add_upstream_certs_to_client_chain self.body_size_limit = body_size_limit self.cadir = cadir self.certs = certs self.clientcerts = clientcerts + self.ignore_hosts = ignore_hosts self.listen_host = listen_host self.listen_port = listen_port self.mode = mode @@ -100,5 +104,5 @@ class Options(options.Options): self.ssl_verify_upstream_cert = ssl_verify_upstream_cert self.ssl_verify_upstream_trusted_cadir = ssl_verify_upstream_trusted_cadir self.ssl_verify_upstream_trusted_ca = ssl_verify_upstream_trusted_ca - self.add_upstream_certs_to_client_chain = add_upstream_certs_to_client_chain + self.tcp_hosts = tcp_hosts super(Options, self).__init__() diff --git a/mitmproxy/proxy/config.py b/mitmproxy/proxy/config.py index df7ca7ade..58c7d1c68 100644 --- a/mitmproxy/proxy/config.py +++ b/mitmproxy/proxy/config.py @@ -87,8 +87,6 @@ class ProxyConfig: options, no_upstream_cert=False, authenticator=None, - ignore_hosts=tuple(), - tcp_hosts=tuple(), http2=True, rawtcp=False, ciphers_client=DEFAULT_CLIENT_CIPHERS, @@ -100,8 +98,6 @@ class ProxyConfig: self.ciphers_server = ciphers_server self.no_upstream_cert = no_upstream_cert - self.check_ignore = HostMatcher(ignore_hosts) - self.check_tcp = HostMatcher(tcp_hosts) self.http2 = http2 self.rawtcp = rawtcp self.authenticator = authenticator @@ -116,12 +112,17 @@ class ProxyConfig: else: self.openssl_verification_mode_server = SSL.VERIFY_NONE + self.check_ignore = None + self.check_tcp = None self.certstore = None self.clientcerts = None self.configure(options) options.changed.connect(self.configure) def configure(self, options): + self.check_ignore = HostMatcher(options.ignore_hosts) + self.check_tcp = HostMatcher(options.tcp_hosts) + certstore_path = os.path.expanduser(options.cadir) if not os.path.exists(os.path.dirname(certstore_path)): raise exceptions.OptionsError( @@ -204,8 +205,6 @@ def process_proxy_options(parser, options, args): return ProxyConfig( options, no_upstream_cert=args.no_upstream_cert, - ignore_hosts=args.ignore_hosts, - tcp_hosts=args.tcp_hosts, http2=args.http2, rawtcp=args.rawtcp, authenticator=authenticator,