Merge pull request #960 from Kriechi/enable-h2

enable HTTP/2 by default if available

mitmproxy/cmdline.py

@@ -362,18 +362,14 @@ def proxy_options(parser):
         action="store", type=int, dest="port", default=8080,
         help="Proxy service port."
     )
-    http2 = group.add_mutually_exclusive_group()
-    # !!!
-    # Watch out: We raise a RuntimeError in mitmproxy.proxy.config if http2 is enabled,
-    # but the OpenSSL version does not have ALPN support (which is the default on Ubuntu 14.04).
-    # Do not simply set --http2 as enabled by default.
-    # !!!
-    http2.add_argument("--http2", action="store_true", dest="http2")
-    http2.add_argument("--no-http2", action="store_false", dest="http2",
-                       help="Explicitly enable/disable experimental HTTP2 support. "
-                            "Disabled by default. "
-                            "Default value will change in a future version."
-                       )
+    group.add_argument(
+        "--no-http2",
+        action="store_false", dest="http2",
+        help="""
+            Explicitly disable HTTP/2 support.
+            If your OpenSSL version supports ALPN, HTTP/2 is enabled by default.
+        """
+    )
     rawtcp = group.add_mutually_exclusive_group()
     rawtcp.add_argument("--raw-tcp", action="store_true", dest="rawtcp")
     rawtcp.add_argument("--no-raw-tcp", action="store_false", dest="rawtcp",

mitmproxy/console/__init__.py

@@ -14,6 +14,8 @@ import traceback
 import urwid
 import weakref
 
+from netlib import tcp
+
 from .. import controller, flow, script, contentviews
 from . import flowlist, flowview, help, window, signals, options
 from . import grideditor, palettes, statusbar, palettepicker
@@ -452,6 +454,14 @@ class ConsoleMaster(flow.FlowMaster):
             signals.update_settings.send()
         self.loop.set_alarm_in(0.01, self.ticker)
 
+        if not hasattr(self, 'http2_error_shown') and self.server.config.http2 and not tcp.HAS_ALPN:  # pragma: no cover
+            self.http2_error_shown = True
+            signals.status_message.send(
+                message="ALPN support missing (OpenSSL 1.0.2+ required). "
+                        "HTTP/2 is disabled. Use --no-http2 to silence this warning.",
+                expire=5
+            )
+
     def run(self):
         self.ui = urwid.raw_display.Screen()
         self.ui.set_terminal_properties(256)

mitmproxy/dump.py

@@ -1,9 +1,10 @@
 from __future__ import absolute_import, print_function
 import traceback
-
+import sys
 import click
 import itertools
 
+from netlib import tcp
 from netlib.http import CONTENT_MISSING
 import netlib.utils
 from . import flow, filt, contentviews
@@ -72,6 +73,11 @@ class DumpMaster(flow.FlowMaster):
 
         self.set_stream_large_bodies(options.stream_large_bodies)
 
+        if self.server.config.http2 and not tcp.HAS_ALPN:  # pragma: no cover
+            print("ALPN support missing (OpenSSL 1.0.2+ required)!\n"
+                "HTTP/2 is disabled. Use --no-http2 to silence this warning.",
+                file=sys.stderr)
+
         if options.filtstr:
             self.filt = filt.parse(options.filtstr)
         else:

mitmproxy/proxy/config.py

@@ -56,7 +56,7 @@ class ProxyConfig:
             authenticator=None,
             ignore_hosts=tuple(),
             tcp_hosts=tuple(),
-            http2=False,
+            http2=True,
             rawtcp=False,
             ciphers_client=DEFAULT_CLIENT_CIPHERS,
             ciphers_server=None,
@@ -180,9 +180,6 @@ def process_proxy_options(parser, options):
             parser.error("Certificate file does not exist: %s" % parts[1])
         certs.append(parts)
 
-    if options.http2 and not tcp.HAS_ALPN:
-        raise RuntimeError("HTTP2 support requires OpenSSL 1.0.2 or above.")
-
     return ProxyConfig(
         host=options.addr,
         port=options.port,