-rw-r--r-- | mitmproxy/cmdline.py | 8 | ||||
-rw-r--r-- | mitmproxy/protocol/tls.py | 2 | ||||
-rw-r--r-- | mitmproxy/proxy/config.py | 6 | ||||
-rw-r--r-- | test/mitmproxy/test_server.py | 24 | ||||
-rw-r--r-- | test/mitmproxy/tservers.py | 4 |
5 files changed, 22 insertions, 22 deletions
diff --git a/mitmproxy/cmdline.py b/mitmproxy/cmdline.py
index 2184ce94..7b9f2b82 100644
--- a/mitmproxy/cmdline.py
+++ b/mitmproxy/cmdline.py
@@ -436,10 +436,10 @@ def proxy_ssl_options(parser):
 )
 subgroup = group.add_mutually_exclusive_group()
 subgroup.add_argument(
- "--add-server-certs-to-client-chain", default=False,
- action="store_true", dest="add_server_certs_to_client_chain",
- help="Add all the certificates of the server to the certificate chain "
- "that will be served to the client, as extras."
+ "--add-upstream-certs-to-client-chain", default=False,
+ action="store_true", dest="add_upstream_certs_to_client_chain",
+ help="Add all certificates of the upstream server to the certificate chain "
+ "that will be served to the proxy client, as extras."
 )
 subgroup.add_argument(
 "--verify-upstream-cert", default=False,
diff --git a/mitmproxy/protocol/tls.py b/mitmproxy/protocol/tls.py
index 22ee8ff9..7a4d53fe 100644
--- a/mitmproxy/protocol/tls.py
+++ b/mitmproxy/protocol/tls.py
@@ -432,7 +432,7 @@ class TlsLayer(Layer):
 self.log("Establish TLS with client", "debug")
 cert, key, chain_file = self._find_cert()
- if self.config.add_server_certs_to_client_chain:
+ if self.config.add_upstream_certs_to_client_chain:
 extra_certs = self.server_conn.server_certs
 else:
 extra_certs = None
diff --git a/mitmproxy/proxy/config.py b/mitmproxy/proxy/config.py
index 9932ec8c..311d2599 100644
--- a/mitmproxy/proxy/config.py
+++ b/mitmproxy/proxy/config.py
@@ -67,7 +67,7 @@ class ProxyConfig:
 ssl_verify_upstream_cert=False,
 ssl_verify_upstream_trusted_cadir=None,
 ssl_verify_upstream_trusted_ca=None,
- add_server_certs_to_client_chain=False,
+ add_upstream_certs_to_client_chain=False,
 ):
 self.host = host
 self.port = port
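Review bot: The new help string in the mitmproxy/cmdline.py hunk does not mention that this flag is registered in the same mutually exclusive group as `--verify-upstream-cert`, so with it enabled the upstream certificates are presumably relayed to the proxy client without the proxy having verified them. I would append a sentence to the help text, e.g. `"Cannot be combined with --verify-upstream-cert; the upstream certificates are passed on unverified."`. The rename also drops `--add-server-certs-to-client-chain` with no alias; if that spelling was ever released, keeping it as a second option string on the same `add_argument` call would avoid breaking existing invocations. proxy_ssl_options starts and ends outside the hunk.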
@@ -108,7 +108,7 @@ class ProxyConfig:
 self.openssl_verification_mode_server = SSL.VERIFY_NONE
 self.openssl_trusted_cadir_server = ssl_verify_upstream_trusted_cadir
 self.openssl_trusted_ca_server = ssl_verify_upstream_trusted_ca
- self.add_server_certs_to_client_chain = add_server_certs_to_client_chain
+ self.add_upstream_certs_to_client_chain = add_upstream_certs_to_client_chain
 def process_proxy_options(parser, options):
@@ -209,5 +209,5 @@ def process_proxy_options(parser, options):
 ssl_verify_upstream_cert=options.ssl_verify_upstream_cert,
 ssl_verify_upstream_trusted_cadir=options.ssl_verify_upstream_trusted_cadir,
 ssl_verify_upstream_trusted_ca=options.ssl_verify_upstream_trusted_ca,
- add_server_certs_to_client_chain=options.add_server_certs_to_client_chain,
+ add_upstream_certs_to_client_chain=options.add_upstream_certs_to_client_chain,
 )
diff --git a/test/mitmproxy/test_server.py b/test/mitmproxy/test_server.py
index a2d1a578..26e53e8a 100644
--- a/test/mitmproxy/test_server.py
+++ b/test/mitmproxy/test_server.py
@@ -1001,7 +1001,7 @@ class TestProxyChainingSSLReconnect(tservers.HTTPUpstreamProxyTest):
 assert self.chain[1].tmaster.state.flow_count() == 2
-class AddServerCertsToClientChainMixin:
+class AddUpstreamCertsToClientChainMixin:
 ssl = True
 servercert = tutils.test_data.path("data/trusted-server.crt")
@@ -1012,30 +1012,30 @@ class AddServerCertsToClientChainMixin: ] ) - def test_add_server_certs_to_client_chain(self): + def test_add_upstream_certs_to_client_chain(self): with open(self.servercert, "rb") as f: d = f.read() - c1 = SSLCert.from_pem(d) + upstreamCert = SSLCert.from_pem(d) p = self.pathoc() - server_cert_found_in_client_chain = False - for cert in p.server_certs: - if cert.digest('sha256') == c1.digest('sha256'): - server_cert_found_in_client_chain = True + upstream_cert_found_in_client_chain = False + for receivedCert in p.server_certs: + if receivedCert.digest('sha256') == upstreamCert.digest('sha256'): + upstream_cert_found_in_client_chain = True break - assert(server_cert_found_in_client_chain == self.add_server_certs_to_client_chain) + assert(upstream_cert_found_in_client_chain == self.add_upstream_certs_to_client_chain) -class TestHTTPSAddServerCertsToClientChainTrue(AddServerCertsToClientChainMixin, tservers.HTTPProxyTest): +class TestHTTPSAddUpstreamCertsToClientChainTrue(AddUpstreamCertsToClientChainMixin, tservers.HTTPProxyTest): """ If --add-server-certs-to-client-chain is True, then the client should receive the upstream server's certificates """ - add_server_certs_to_client_chain = True + add_upstream_certs_to_client_chain = True -class TestHTTPSAddServerCertsToClientChainFalse(AddServerCertsToClientChainMixin, tservers.HTTPProxyTest): +class TestHTTPSAddUpstreamCertsToClientChainFalse(AddUpstreamCertsToClientChainMixin, tservers.HTTPProxyTest): """ If --add-server-certs-to-client-chain is False, then the client should not receive the upstream server's certificates """ - add_server_certs_to_client_chain = False + add_upstream_certs_to_client_chain = False diff --git a/test/mitmproxy/tservers.py b/test/mitmproxy/tservers.py index cabd8e1f..4fa519cc 100644 --- a/test/mitmproxy/tservers.py +++ b/test/mitmproxy/tservers.py 
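Review bot: Both test-class docstrings in the second test/mitmproxy/test_server.py hunk still name the old flag, `--add-server-certs-to-client-chain`, although the classes and their attribute are renamed in the same hunk; they should read `If --add-upstream-certs-to-client-chain is True, ...` and `... is False, ...` so the tests keep documenting an option that actually exists. As a style point, the new locals `upstreamCert` and `receivedCert` are camelCase next to the snake_case `upstream_cert_found_in_client_chain`; `upstream_cert` and `received_cert` would match the rest of the file. The final check also reads more plainly as `assert upstream_cert_found_in_client_chain == self.add_upstream_certs_to_client_chain`, without the call-style parentheses.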
@@ -86,7 +86,7 @@ class ProxyTestBase(object):
 no_upstream_cert = False
 authenticator = None
 masterclass = TestMaster
- add_server_certs_to_client_chain = False
+ add_upstream_certs_to_client_chain = False
 @classmethod
 def setup_class(cls):
@@ -130,7 +130,7 @@ class ProxyTestBase(object):
 no_upstream_cert = cls.no_upstream_cert,
 cadir = cls.cadir,
 authenticator = cls.authenticator,
- add_server_certs_to_client_chain = cls.add_server_certs_to_client_chain,
+ add_upstream_certs_to_client_chain = cls.add_upstream_certs_to_client_chain,
 ) |