diff options
| -rw-r--r-- | libmproxy/cmdline.py | 6 | ||||
| -rw-r--r-- | libmproxy/proxy.py | 7 | ||||
| -rw-r--r-- | libmproxy/utils.py | 1 |
3 files changed, 11 insertions, 3 deletions
diff --git a/libmproxy/cmdline.py b/libmproxy/cmdline.py index ce68baed..238853c6 100644 --- a/libmproxy/cmdline.py +++ b/libmproxy/cmdline.py @@ -116,6 +116,12 @@ def common_options(parser): ) parser.add_option_group(group) + parser.add_option( + "--cert-wait-time", + action="store", dest="cert_wait_time", default=0, + help="Wait for specified number of seconds after a new cert is generated. This can smooth over small discrepancies between the client and server times." + ) + group = optparse.OptionGroup(parser, "Server Replay") group.add_option( "-s", diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py index 77498842..916d18eb 100644 --- a/libmproxy/proxy.py +++ b/libmproxy/proxy.py @@ -23,11 +23,12 @@ class ProxyError(Exception): class SSLConfig: - def __init__(self, certfile = None, ciphers = None, cacert = None): + def __init__(self, certfile = None, ciphers = None, cacert = None, cert_wait_time=None): self.certfile = certfile self.ciphers = ciphers self.cacert = cacert self.certdir = None + self.cert_wait_time = cert_wait_time def read_chunked(fp): @@ -613,6 +614,7 @@ class ProxyHandler(SocketServer.StreamRequestHandler): return self.config.certfile else: ret = utils.dummy_cert(self.config.certdir, self.config.cacert, host) + time.sleep(self.config.cert_wait_time) if not ret: raise ProxyError(400, "mitmproxy: Unable to generate dummy cert.") return ret @@ -784,5 +786,6 @@ def process_certificate_option_group(parser, options): return SSLConfig( certfile = options.cert, cacert = cacert, - ciphers = options.ciphers + ciphers = options.ciphers, + cert_wait_time = options.cert_wait_time ) diff --git a/libmproxy/utils.py b/libmproxy/utils.py index 6c9f3288..b5dc6d92 100644 --- a/libmproxy/utils.py +++ b/libmproxy/utils.py @@ -497,7 +497,6 @@ def dummy_cert(certdir, ca, commonname): stdin=subprocess.PIPE ) if ret: return None - time.sleep(CERT_SLEEP_TIME) return certpath |