Rename 'server' to 'upstream' in identifiers related to the AddServerCertsToClientChain feature

2024-11-23 00:01:36 +00:00 · 2016-03-16 19:20:18 +00:00 · 2016-03-16 19:20:18 +00:00 · 9cc55f211f
commit 9cc55f211f
parent 02e378486b
5 changed files with 22 additions and 22 deletions
--- a/mitmproxy/cmdline.py
+++ b/mitmproxy/cmdline.py
@ -436,10 +436,10 @@ def proxy_ssl_options(parser):
    )
    subgroup = group.add_mutually_exclusive_group()
    subgroup.add_argument(
-        "--add-server-certs-to-client-chain", default=False,
-        action="store_true", dest="add_server_certs_to_client_chain",
-        help="Add all the certificates of the server to the certificate chain "
-             "that will be served to the client, as extras."
+        "--add-upstream-certs-to-client-chain", default=False,
+        action="store_true", dest="add_upstream_certs_to_client_chain",
+        help="Add all certificates of the upstream server to the certificate chain "
+             "that will be served to the proxy client, as extras."
    )
    subgroup.add_argument(
        "--verify-upstream-cert", default=False,
--- a/mitmproxy/protocol/tls.py
+++ b/mitmproxy/protocol/tls.py
@ -432,7 +432,7 @@ class TlsLayer(Layer):
        self.log("Establish TLS with client", "debug")
        cert, key, chain_file = self._find_cert()

-        if self.config.add_server_certs_to_client_chain:
+        if self.config.add_upstream_certs_to_client_chain:
           extra_certs = self.server_conn.server_certs
        else:
           extra_certs = None
--- a/mitmproxy/proxy/config.py
+++ b/mitmproxy/proxy/config.py
@ -67,7 +67,7 @@ class ProxyConfig:
            ssl_verify_upstream_cert=False,
            ssl_verify_upstream_trusted_cadir=None,
            ssl_verify_upstream_trusted_ca=None,
-            add_server_certs_to_client_chain=False,
+            add_upstream_certs_to_client_chain=False,
    ):
        self.host = host
        self.port = port
@ -108,7 +108,7 @@ class ProxyConfig:
            self.openssl_verification_mode_server = SSL.VERIFY_NONE
        self.openssl_trusted_cadir_server = ssl_verify_upstream_trusted_cadir
        self.openssl_trusted_ca_server = ssl_verify_upstream_trusted_ca
-        self.add_server_certs_to_client_chain = add_server_certs_to_client_chain
+        self.add_upstream_certs_to_client_chain = add_upstream_certs_to_client_chain


 def process_proxy_options(parser, options):
@ -209,5 +209,5 @@ def process_proxy_options(parser, options):
        ssl_verify_upstream_cert=options.ssl_verify_upstream_cert,
        ssl_verify_upstream_trusted_cadir=options.ssl_verify_upstream_trusted_cadir,
        ssl_verify_upstream_trusted_ca=options.ssl_verify_upstream_trusted_ca,
-        add_server_certs_to_client_chain=options.add_server_certs_to_client_chain,
+        add_upstream_certs_to_client_chain=options.add_upstream_certs_to_client_chain,
    )
--- a/test/mitmproxy/test_server.py
+++ b/test/mitmproxy/test_server.py
@ -1001,7 +1001,7 @@ class TestProxyChainingSSLReconnect(tservers.HTTPUpstreamProxyTest):
        assert self.chain[1].tmaster.state.flow_count() == 2


-class AddServerCertsToClientChainMixin:
+class AddUpstreamCertsToClientChainMixin:

    ssl = True
    servercert = tutils.test_data.path("data/trusted-server.crt")
@ -1012,30 +1012,30 @@ class AddServerCertsToClientChainMixin:
            ]
    )

-    def test_add_server_certs_to_client_chain(self):
+    def test_add_upstream_certs_to_client_chain(self):
        with open(self.servercert, "rb") as f:
            d = f.read()
-        c1 = SSLCert.from_pem(d)
+        upstreamCert = SSLCert.from_pem(d)
        p = self.pathoc()
-        server_cert_found_in_client_chain = False
-        for cert in p.server_certs:
-            if cert.digest('sha256') == c1.digest('sha256'):
-                server_cert_found_in_client_chain = True
+        upstream_cert_found_in_client_chain = False
+        for receivedCert in p.server_certs:
+            if receivedCert.digest('sha256') == upstreamCert.digest('sha256'):
+                upstream_cert_found_in_client_chain = True
                break
-        assert(server_cert_found_in_client_chain == self.add_server_certs_to_client_chain)
+        assert(upstream_cert_found_in_client_chain == self.add_upstream_certs_to_client_chain)


-class TestHTTPSAddServerCertsToClientChainTrue(AddServerCertsToClientChainMixin, tservers.HTTPProxyTest):
+class TestHTTPSAddUpstreamCertsToClientChainTrue(AddUpstreamCertsToClientChainMixin, tservers.HTTPProxyTest):

    """
    If --add-server-certs-to-client-chain is True, then the client should receive the upstream server's certificates
    """
-    add_server_certs_to_client_chain = True
+    add_upstream_certs_to_client_chain = True


-class TestHTTPSAddServerCertsToClientChainFalse(AddServerCertsToClientChainMixin, tservers.HTTPProxyTest):
+class TestHTTPSAddUpstreamCertsToClientChainFalse(AddUpstreamCertsToClientChainMixin, tservers.HTTPProxyTest):

    """
    If --add-server-certs-to-client-chain is False, then the client should not receive the upstream server's certificates
    """
-    add_server_certs_to_client_chain = False
+    add_upstream_certs_to_client_chain = False
--- a/test/mitmproxy/tservers.py
+++ b/test/mitmproxy/tservers.py
@ -86,7 +86,7 @@ class ProxyTestBase(object):
    no_upstream_cert = False
    authenticator = None
    masterclass = TestMaster
-    add_server_certs_to_client_chain = False
+    add_upstream_certs_to_client_chain = False

    @classmethod
    def setup_class(cls):
@ -130,7 +130,7 @@ class ProxyTestBase(object):
            no_upstream_cert = cls.no_upstream_cert,
            cadir = cls.cadir,
            authenticator = cls.authenticator,
-            add_server_certs_to_client_chain = cls.add_server_certs_to_client_chain,
+            add_upstream_certs_to_client_chain = cls.add_upstream_certs_to_client_chain,
        )