• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Creating Proxy cannot correctly tunnel through SSL after browser sends CONNECT request?

 
Ranch Hand
Posts: 55
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have been haunted for some time now trying to get my custom proxy to properly handle when the browser sends a CONNECT request. In order to keep it simple let me explain how I handle the process. Maybe at that point someone can help clarify what I'm doing wrong.


1. Create server with ServerSocketChannel on port 8080.
2. Bind that ServerSocketChannel to a Selector which essentially allows for non-blocking while the server waits for a request from port 8080.
3. As soon as I set my browser to port 8080 and send the request https://google.com it notifies the selector something sent to port 8080.
4. I get that request and see its a CONNECT so i immediately create a response "Connection Established" (request and response i send and receive are below)

Request from browser:
CONNECT google.com:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18 GTB7.1
Proxy-Connection: keep-alive
Host: google.com


Response I send back to browser over my normal socket:
HTTP/1.1 200 Connection established\r\nProxy-connection: Keep-alive\r\n\r\n

5. Now I wait for something to be sent from browser I was assuming at this point a SSL request would be sent but nothing ever gets sent. I'm starting to think its because I have not established a SSL handshake with the browser so its not going to send a SSL message over that default created socket. Do you think I need to close that socket over port 8080 and establish a new SecureSocket on port 8080 right before I send the connection established response back to browser? This is my next step.I know that the browser needs to send me more data after the initial CONNECT. I don't have enough data with just the CONNECT to go to server yet. I'm thinking it than needs to send me another request something like the following in SSL:

GET /
Host: google.com

Once I get something like that then I can go establish my secure socket connection with the server and get back the response to send back to browser.

What you think on the right track? Its just that I get no additional message after i send connection established.
 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi there

I'm busy writing my own java proxy for the ps3.

Basically all I want to do is PS3 --> PC Proxy --> Web.
For the most part it works but I am struggling to understand CONNECT calls from the browser.
I know I must open a new socket on the host address and port given by the CONNECT call, but what then.
No response is coming back from the server.

I'm also struggling a bit with CONNECT.
Mostly because I do not understand it well.

Did you come right with your problem and if so what was the solution ?
Do you have a code sample to look at ?
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic