server_manager.Append(
replayspdyserver.ReplaySpdyServer, archive_fetch,
custom_handlers, host=host, port=options.port,
- certfile=options.certfile)
+ certfile=options.https_root_ca_cert_path)
else:
custom_handlers.add_server_manager_handler(server_manager)
archive_fetch = httpclient.ControllableHttpArchiveFetch(
host=host, port=options.port, use_delays=options.use_server_delay,
**options.shaping_http)
if options.ssl:
- server_manager.Append(
- httpproxy.HttpsProxyServer,
- archive_fetch, custom_handlers, options.certfile,
- host=host, port=options.ssl_port, use_delays=options.use_server_delay,
- **options.shaping_http)
+ if options.should_generate_certs:
+ server_manager.Append(
+ httpproxy.HttpsProxyServer, archive_fetch, custom_handlers,
+ options.https_root_ca_cert_path, host=host, port=options.ssl_port,
+ use_delays=options.use_server_delay, **options.shaping_http)
+ else:
+ server_manager.Append(
+ httpproxy.SingleCertHttpsProxyServer, archive_fetch,
+ custom_handlers, options.https_root_ca_cert_path, host=host,
+ port=options.ssl_port, use_delays=options.use_server_delay,
+ **options.shaping_http)
if options.http_to_https_port:
server_manager.Append(
httpproxy.HttpToHttpsProxyServer,
net_configs.GetNetConfig(self.net)
self._nondefaults.update(['down', 'up', 'delay_ms'])
if not self.ssl:
- self._options.certfile = None
+ self._options.https_root_ca_cert_path = None
self.shaping_dns = self._ShapingKeywordArgs('dns')
self.shaping_http = self._ShapingKeywordArgs('http')
self.shaping_dummynet = self._ShapingKeywordArgs('dummynet')
AddDnsForward(server_manager, ipfw_dns_host)
AddDnsProxy(server_manager, options, ipfw_dns_host, options.dns_port,
real_dns_lookup, http_archive)
- if options.ssl and options.certfile is None:
- options.certfile = os.path.join(os.path.dirname(__file__), 'wpr_cert.pem')
+ if options.ssl and options.https_root_ca_cert_path is None:
+ options.https_root_ca_cert_path = os.path.join(os.path.dirname(__file__),
+ 'wpr_cert.pem')
http_proxy_address = options.host
if not http_proxy_address:
http_proxy_address = platformsettings.get_httpproxy_ip_address(
action='store',
type='int',
help='DNS port number to listen on.')
- harness_group.add_option('-c', '--certfile', default=None,
+ harness_group.add_option('-c', '--https_root_ca_cert_path', default=None,
action='store',
type='string',
help='Certificate file to use with SSL (gets auto-generated if needed).')
dest='ssl',
help='Do not setup an SSL proxy.')
option_parser.add_option_group(harness_group)
+ harness_group.add_option('--should_generate_certs', default=False,
+ action='store_true',
+ help='Use OpenSSL to generate certificate files for requested hosts.')
harness_group.add_option('--no-admin-check', default=True,
action='store_false',
dest='admin_check',