From 7d2c7efa575a7338ed5402972ae8772be4b0298d Mon Sep 17 00:00:00 2001
From: Thomas Kriechbaumer <thomas@kriechbaumer.name>
Date: Wed, 17 Feb 2016 23:46:44 +0100
Subject: [PATCH] enable HTTP/2 by default if available

---
 mitmproxy/cmdline.py          | 20 ++++++++------------
 mitmproxy/console/__init__.py | 10 ++++++++++
 mitmproxy/dump.py             |  8 +++++++-
 mitmproxy/proxy/config.py     |  5 +----
 4 files changed, 26 insertions(+), 17 deletions(-)

diff --git a/mitmproxy/cmdline.py b/mitmproxy/cmdline.py
index fedd4f133..3e9fa011c 100644
--- a/mitmproxy/cmdline.py
+++ b/mitmproxy/cmdline.py
@@ -362,18 +362,14 @@ def proxy_options(parser):
         action="store", type=int, dest="port", default=8080,
         help="Proxy service port."
     )
-    http2 = group.add_mutually_exclusive_group()
-    # !!!
-    # Watch out: We raise a RuntimeError in mitmproxy.proxy.config if http2 is enabled,
-    # but the OpenSSL version does not have ALPN support (which is the default on Ubuntu 14.04).
-    # Do not simply set --http2 as enabled by default.
-    # !!!
-    http2.add_argument("--http2", action="store_true", dest="http2")
-    http2.add_argument("--no-http2", action="store_false", dest="http2",
-                       help="Explicitly enable/disable experimental HTTP2 support. "
-                            "Disabled by default. "
-                            "Default value will change in a future version."
-                       )
+    group.add_argument(
+        "--no-http2",
+        action="store_false", dest="http2",
+        help="""
+            Explicitly disable HTTP/2 support.
+            If your OpenSSL version supports ALPN, HTTP/2 is enabled by default.
+        """
+    )
     rawtcp = group.add_mutually_exclusive_group()
     rawtcp.add_argument("--raw-tcp", action="store_true", dest="rawtcp")
     rawtcp.add_argument("--no-raw-tcp", action="store_false", dest="rawtcp",
diff --git a/mitmproxy/console/__init__.py b/mitmproxy/console/__init__.py
index e739ec61e..c6b91e16b 100644
--- a/mitmproxy/console/__init__.py
+++ b/mitmproxy/console/__init__.py
@@ -14,6 +14,8 @@ import traceback
 import urwid
 import weakref
 
+from netlib import tcp
+
 from .. import controller, flow, script, contentviews
 from . import flowlist, flowview, help, window, signals, options
 from . import grideditor, palettes, statusbar, palettepicker
@@ -452,6 +454,14 @@ class ConsoleMaster(flow.FlowMaster):
             signals.update_settings.send()
         self.loop.set_alarm_in(0.01, self.ticker)
 
+        if not hasattr(self, 'http2_error_shown') and self.server.config.http2 and not tcp.HAS_ALPN:  # pragma: no cover
+            self.http2_error_shown = True
+            signals.status_message.send(
+                message="ALPN support missing (OpenSSL 1.0.2+ required). "
+                        "HTTP/2 is disabled. Use --no-http2 to silence this warning.",
+                expire=5
+            )
+
     def run(self):
         self.ui = urwid.raw_display.Screen()
         self.ui.set_terminal_properties(256)
diff --git a/mitmproxy/dump.py b/mitmproxy/dump.py
index 6dab2ddce..d7f076cfd 100644
--- a/mitmproxy/dump.py
+++ b/mitmproxy/dump.py
@@ -1,9 +1,10 @@
 from __future__ import absolute_import, print_function
 import traceback
-
+import sys
 import click
 import itertools
 
+from netlib import tcp
 from netlib.http import CONTENT_MISSING
 import netlib.utils
 from . import flow, filt, contentviews
@@ -72,6 +73,11 @@ class DumpMaster(flow.FlowMaster):
 
         self.set_stream_large_bodies(options.stream_large_bodies)
 
+        if self.server.config.http2 and not tcp.HAS_ALPN:  # pragma: no cover
+            print("ALPN support missing (OpenSSL 1.0.2+ required)!\n"
+                "HTTP/2 is disabled. Use --no-http2 to silence this warning.",
+                file=sys.stderr)
+
         if options.filtstr:
             self.filt = filt.parse(options.filtstr)
         else:
diff --git a/mitmproxy/proxy/config.py b/mitmproxy/proxy/config.py
index a635ab19e..490cf20c9 100644
--- a/mitmproxy/proxy/config.py
+++ b/mitmproxy/proxy/config.py
@@ -56,7 +56,7 @@ class ProxyConfig:
             authenticator=None,
             ignore_hosts=tuple(),
             tcp_hosts=tuple(),
-            http2=False,
+            http2=True,
             rawtcp=False,
             ciphers_client=DEFAULT_CLIENT_CIPHERS,
             ciphers_server=None,
@@ -180,9 +180,6 @@ def process_proxy_options(parser, options):
             parser.error("Certificate file does not exist: %s" % parts[1])
         certs.append(parts)
 
-    if options.http2 and not tcp.HAS_ALPN:
-        raise RuntimeError("HTTP2 support requires OpenSSL 1.0.2 or above.")
-
     return ProxyConfig(
         host=options.addr,
         port=options.port,