Merge pull request #870 from bazzinotti/master

[docs/libmproxy/test] Support single client-side cert file
author: Maximilian Hils <git@maximilianhils.com> 2015-12-29 17:51:11 +0100
committer: Maximilian Hils <git@maximilianhils.com> 2015-12-29 17:51:11 +0100
commit: 7b093b46b6a8ce98fe3d55de81d9305d966dfcbf (patch)
tree: 6cfb22f7f433b5b4af4079e2e6724f6730ebceb0 /libmproxy
parent: 6391b05ef1b92585765eb77e352921ec61b65020 (diff)
parent: 09168e1274b0e33448811c39efa3fbdd2aeff756 (diff)
download: mitmproxy-7b093b46b6a8ce98fe3d55de81d9305d966dfcbf.tar.gz
mitmproxy-7b093b46b6a8ce98fe3d55de81d9305d966dfcbf.tar.bz2
mitmproxy-7b093b46b6a8ce98fe3d55de81d9305d966dfcbf.zip
3 files changed, 11 insertions, 9 deletions
diff --git a/libmproxy/cmdline.py b/libmproxy/cmdline.py
index 16678486..99b76e68 100644
--- a/libmproxy/cmdline.py
+++ b/libmproxy/cmdline.py
@@ -407,7 +407,7 @@ def proxy_ssl_options(parser):
     group.add_argument(
         "--client-certs", action="store",
         type=str, dest="clientcerts", default=None,
-        help="Client certificate directory."
+        help="Client certificate file or directory."
     )
     group.add_argument(
         "--no-upstream-cert", default=False,
diff --git a/libmproxy/models/connections.py b/libmproxy/models/connections.py
index 3aa522ea..0991955d 100644
--- a/libmproxy/models/connections.py
+++ b/libmproxy/models/connections.py
@@ -174,11 +174,14 @@ class ServerConnection(tcp.TCPClient, stateobject.StateObject):
     def establish_ssl(self, clientcerts, sni, **kwargs):
         clientcert = None
         if clientcerts:
-            path = os.path.join(
-                clientcerts,
-                self.address.host.encode("idna")) + ".pem"
-            if os.path.exists(path):
-                clientcert = path
+            if os.path.isfile(clientcerts):
+                clientcert = clientcerts
+            else:
+                path = os.path.join(
+                    clientcerts,
+                    self.address.host.encode("idna")) + ".pem"
+                if os.path.exists(path):
+                    clientcert = path
 
         self.convert_to_ssl(cert=clientcert, sni=sni, **kwargs)
         self.sni = sni
diff --git a/libmproxy/proxy/config.py b/libmproxy/proxy/config.py
index c7b51311..b1478655 100644
--- a/libmproxy/proxy/config.py
+++ b/libmproxy/proxy/config.py
@@ -133,10 +133,9 @@ def process_proxy_options(parser, options):
 
     if options.clientcerts:
         options.clientcerts = os.path.expanduser(options.clientcerts)
-        if not os.path.exists(options.clientcerts) or not os.path.isdir(options.clientcerts):
+        if not os.path.exists(options.clientcerts):
             return parser.error(
-                "Client certificate directory does not exist or is not a directory: %s" %
-                options.clientcerts
+                "Client certificate path does not exist: %s" % options.clientcerts
             )
 
     if options.auth_nonanonymous or options.auth_singleuser or options.auth_htpasswd:
author	Maximilian Hils <git@maximilianhils.com>	2015-12-29 17:51:11 +0100
committer	Maximilian Hils <git@maximilianhils.com>	2015-12-29 17:51:11 +0100
commit	7b093b46b6a8ce98fe3d55de81d9305d966dfcbf (patch)
tree	6cfb22f7f433b5b4af4079e2e6724f6730ebceb0 /libmproxy
parent	6391b05ef1b92585765eb77e352921ec61b65020 (diff)
parent	09168e1274b0e33448811c39efa3fbdd2aeff756 (diff)
download	mitmproxy-7b093b46b6a8ce98fe3d55de81d9305d966dfcbf.tar.gz mitmproxy-7b093b46b6a8ce98fe3d55de81d9305d966dfcbf.tar.bz2 mitmproxy-7b093b46b6a8ce98fe3d55de81d9305d966dfcbf.zip