From d5c318b070305ac51e6b37f80336ab471af28d26 Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Wed, 8 Oct 2014 20:44:52 +0200
Subject: fix support for chained certificates

---
 libmproxy/proxy/config.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'libmproxy/proxy/config.py')

diff --git a/libmproxy/proxy/config.py b/libmproxy/proxy/config.py
index 62104a24..24e09b6a 100644
--- a/libmproxy/proxy/config.py
+++ b/libmproxy/proxy/config.py
@@ -16,7 +16,7 @@ def parse_host_pattern(patterns):
 
 class ProxyConfig:
     def __init__(self, host='', port=8080, server_version=version.NAMEVERSION,
-                 confdir=CONF_DIR, ca_file=None, clientcerts=None,
+                 confdir=CONF_DIR, default_ca=None, clientcerts=None,
                  no_upstream_cert=False, body_size_limit=None,
                  mode=None, upstream_server=None, http_form_in=None, http_form_out=None,
                  authenticator=None, ignore=[],
@@ -45,7 +45,7 @@ class ProxyConfig:
         self.ignore = parse_host_pattern(ignore)
         self.authenticator = authenticator
         self.confdir = os.path.expanduser(confdir)
-        self.ca_file = ca_file or os.path.join(self.confdir, CONF_BASENAME + "-ca.pem")
+        self.default_ca = default_ca or os.path.join(self.confdir, CONF_BASENAME + "-ca.pem")
         self.certstore = certutils.CertStore.from_store(self.confdir, CONF_BASENAME)
         for spec, cert in certs:
             self.certstore.add_cert_file(spec, cert)
-- 
cgit v1.2.3


From 5b33f7896136012ab8cd86999f5af2b90e66125b Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Thu, 9 Oct 2014 00:49:11 +0200
Subject: add mini documentation

---
 libmproxy/proxy/config.py | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'libmproxy/proxy/config.py')

diff --git a/libmproxy/proxy/config.py b/libmproxy/proxy/config.py
index 24e09b6a..b5974807 100644
--- a/libmproxy/proxy/config.py
+++ b/libmproxy/proxy/config.py
@@ -133,10 +133,12 @@ def ssl_option_group(parser):
     group.add_argument(
         "--cert", dest='certs', default=[], type=str,
         metavar="SPEC", action="append",
-        help='Add an SSL certificate. SPEC is of the form "[domain=]path". ' \
-             'The domain may include a wildcard, and is equal to "*" if not specified. ' \
-             'The file at path is a certificate in PEM format. If a private key is included in the PEM, ' \
-             'it is used, else the default key in the conf dir is used. Can be passed multiple times.'
+        help='Add an SSL certificate. SPEC is of the form "[domain=]path". '
+             'The domain may include a wildcard, and is equal to "*" if not specified. '
+             'The file at path is a certificate in PEM format. If a private key is included in the PEM, '
+             'it is used, else the default key in the conf dir is used. '
+             'The PEM file should contain the full certificate chain, with the leaf certificate as the first entry. '
+             'Can be passed multiple times.'
     )
     group.add_argument(
         "--client-certs", action="store",
-- 
cgit v1.2.3