- From: Grushinskiy, Mikhail <mgrushinskiy@att.com>
- Date: Thu, 21 Jun 2001 17:01:11 -0400
- To: www-lib@w3.org
- Cc: srdjan.matovina@canada.sun.com, tudor.hulubei@ecora.com, olga@eai.com, anton.belov@canada.sun.com, "Guo, Xuan C, NNAD" <xuanguo@att.com>
Sorry for resposting this... Somehow it didn't make to the list for the first time. --Mikhail > Srdjan, > > I'm trying to use your patch to make GET and POST requests over SSL with > proxy. > Initially I had troubles with GET in wwwssl sample. After changing > > HTSSLhttps_init(YES); > to > HTSSLhttps_init(NO); > > in wwwssl.c as suggested in some postings it still didn't work for me. > GET request ended with -1 code. I found this message in the trace: > > Read Socket. No read stream for net object 0x80c3a50 > > and I added > > HTNet_setReadStream(net, me); > > in HTTP.c after HTNet_setPersistent(HTRequest_net(request), YES, > HT_TP_SINGLE); > > > if (HTRequest_method(request) == METHOD_CONNECT) { > tt=HTStreamStack(WWW_MIME_HEAD, > HTRequest_outputFormat(request), > HTRequest_outputStream(request), > request, YES); > > me = HTTee(tt, > HTTPStatus_new(request, > NULL, > WWW_MIME_HEAD, > HTRequest_outputFormat(request), > NULL), > NULL); > > HTNet_setPersistent(HTRequest_net(request), YES, HT_TP_SINGLE); > HTNet_setReadStream(net, me); > } > > > This change seems to be fixed the problem with wwwssl and GET. > > > However I still cannot make POST to work over SSL with proxy. > Here is what happens... > > The program opens connection to a proxy, issues CONNECT and receives > "200 Connection established" after that proxy goes into tunneling mode > and the program establishes SSL connection with the web server. > The program dumps POST request headers and dives into infinite loop. > It never calls select() during this loop. It doesn't flush the body > of the POST message. > > > Host Event.. FLUSH requested for `https://www.ups.com/ups.app/xml/Rate' > , but ignoring it as we're already processing a flush in this host > Host Event.. READ passed to `https://www.ups.com/ups.app/xml/Rate' > ----------HTEvent_READ > SSL_connect: error in SSLv3 read finished A > HTSSLReader. SSL returned 2 > HTSSLReader. WOULD BLOCK fd 3 > Host Event.. FLUSH passed to `https://www.ups.com/ups.app/xml/Rate' > ----------HTEvent_FLUSH > Buffer...... Flushing 0x80c3a60 > **************** HTSSLWriter_write entering **************** > SSL_connect: SSLv3 read finished A > HTSSLWriter. SSL returned 0 > POST /xml/Rate HTTP/1.0^M > Accept: */*;q=0.3^M > TE: trailers^M > Expect: 100-continue^M > Host: www.ups.com^M > User-Agent: libwww-POST/1.0 libwww/5.3.2^M > Connection: TE,Keep-Alive^M > Date: Tue, 19 Jun 2001 03:51:56 GMT^M > Content-Length: 1207^M > Content-Type: application/x-www-form-urlencoded^M > ^M > HTSSLWriter. 286 bytes written to 3 > Memory Free. 0x80edd60 > Memory Free. 0x80b75c0 > Host Event.. READ passed to `https://www.ups.com/ups.app/xml/Rate' > ----------HTEvent_READ > HTSSLReader. SSL returned 2 > HTSSLReader. WOULD BLOCK fd 3 > Host Event.. FLUSH passed to `https://www.ups.com/ups.app/xml/Rate' > ----------HTEvent_FLUSH > Host Event.. READ passed to `https://www.ups.com/ups.app/xml/Rate' > ----------HTEvent_READ > HTSSLReader. SSL returned 2 > HTSSLReader. WOULD BLOCK fd 3 > Host Event.. FLUSH passed to `https://www.ups.com/ups.app/xml/Rate' > ----------HTEvent_FLUSH > Host Event.. READ passed to `https://www.ups.com/ups.app/xml/Rate' > ----------HTEvent_READ > > > Here is the log for the same scenario without proxy: > > > > EventList... calling socket 3, request 0x80c2ab0 handler 0x8088f80 type > HTEvent_READ > Host Event.. READ passed to `https://www.ups.com/ups.app/xml/Rate' > ----------HTEvent_READ > SSL_connect: SSLv3 read finished A > HTSSLReader. SSL returned 2 > HTSSLReader. WOULD BLOCK fd 3 > Host Event.. FLUSH passed to `https://www.ups.com/ups.app/xml/Rate' > ----------HTEvent_FLUSH > Buffer...... Flushing 0x80cdc08 > **************** HTSSLWriter_write entering **************** > HTSSLWriter. SSL returned 0 > POST /ups.app/xml/Rate HTTP/1.1^M > Accept: */*;q=0.3^M > TE: trailers^M > Expect: 100-continue^M > Host: www.ups.com^M > User-Agent: libwww-POST/1.0 libwww/5.3.2^M > Connection: TE,Keep-Alive^M > Date: Tue, 19 Jun 2001 03:51:39 GMT^M > Content-Length: 1207^M > Content-Type: application/x-www-form-urlencoded^M > ^M > HTSSLWriter. 286 bytes written to 3 > Memory Free. 0x80c2a98 > Memory Free. 0x80c2a98 > Memory Free. 0x80e30a8 > Event Loop.. calling select: maxfds is 3 > ............ READ : 3 > ............ WRITE: > ............ OOB : > ............ Timeout is 1 s, 897000 microsecs > Event Loop.. select returns 0 > ............ READ : > ............ WRITE: > ............ OOB : > ............ Timeout is 0 s, 0 microsecs > Event Loop.. calling select: maxfds is 3 > ............ READ : 3 > ............ WRITE: > ............ OOB : > ............ Timeout is 0 s, 2000 microsecs > > > > I appreciate your help. > > Thank you, > Mikhail Grushinskiy > > > > > https over proxy patch > > > > From: Srdjan Matovina -- Customer Engineering > (srdjan@scot.canada.sun.com) > > Date: Wed, Mar 21 2001 > > > > *Next message: Attila Uhljar: "POST and pipelining" > > > > * Previous message: Fengyun Cao: "why webbot hangs on linux..." > > * Next in thread: Srdjan Matovina -- Customer Engineering: "Re: https > over proxy patch" > > * Reply: Srdjan Matovina -- Customer Engineering: "Re: https over > proxy patch" > > * Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] > > * Other mail archives: [this mailing list] [other W3C mailing lists] > > * Mail actions: [ respond to this message ] [ mail a new topic ] > > > > > ------------------------------------------------------------------------ > > > > Date: Wed, 21 Mar 2001 12:53:04 -0500 (EST) > > Message-Id: <200103211748.MAA224586@discover.canada.sun.com> > > From: Srdjan Matovina -- Customer Engineering > <srdjan@scot.canada.sun.com> > > To: www-lib@w3.org > > Subject: https over proxy patch > > > > Hi, > > In the last three weeks I was working to implement patch that will > enable https > > connection over proxy. I contacted Olga Antropova and she sent me her > > implementation based on an old code base of the libwww. I've integrated > into > > 5.3.2 code base and did some testing by using wwwssl example by adding > > HTProxy_add("http", "http://proxy:8888"); > > and on some application level code. > > As well I've send a path to <tudor.hulubei@ecora.com> to do independent > test of > > the patch. All the tests were secuessfull. > > Here is Olga comments on how she implemented this feature: > > > >Basically in HTAuthFilter I change method from what it was to CONNECT > and > > > >have HTTPS_proxyAfterFilter that changes method back to original if > > connect > > > >was ok. > > > >So I added CONNECT method to the mehtods. > > > >Also I have some changes in HTChannel.c > > > >And I do not use https connection management in HTSSL.c > > > > > > > > Find attached the diff file for https over proxy. > > > > Regards, Srdjan > > ==== > > Srdjan Matovina > > Sun Microsystems Americas Customer Engineering > > srdjan.matovina@canada.sun.com > > Ph.(905) 415-2883 Fax.(905) 477-0217 > > > > ------------- Begin Forwarded Message ------------- > > > > MIME-Version: 1.0 > > Content-Transfer-Encoding: 7bit > > Date: Mon, 19 Mar 2001 12:18:30 -0500 (EST) > > From: Tudor Hulubei <tudor.hulubei@ecora.com> > > To: Srdjan Matovina -- Customer Engineering > <srdjan@opcom-mail.canada.sun.com> > > Subject: Re: SSL through a proxy w/ libwww > > > > On Monday, 19 March 2001, Srdjan Matovina -- Customer Engineering > wrote: > > > I set my proxy server: > > > HTProxy_add(http, "http://proxy:8888"); > > > With this setup I can get the page no problem. > > > > > > If I set proxy like: HTProxy_add(https, "https://proxy:8888"); > > > then client never connect to the secure server and also client is > going into > > > infinitive loop. Have to kill the client process. > > > Try add the proxy with http protocol type, not with https: > > > > > > HTProxy_add(http, "http://proxy:8888"); > > > Let me know the result! > > > > Well, good news! It does work, indeed, after I took the "s" out from > > "https" in HTProxy_add. Thanks! Let me know if there is something > > else that you want me to test. > > > > Tudor > > > > ------------- End Forwarded Message ------------- > > > > ------------- Begin Forwarded Message ------------- > > > > X-Authentication-Warning: balefire.eai.com: uucp set sender to > <olga@eai.com> > > using -f > > Really-From: olga@eai.com > > From: "Olga Antropova" <olga@eai.com> > > To: "Srdjan Matovina -- Customer Engineering" > <srdjan@opcom-mail.canada.sun.com> > > Cc: <antonb@opcom-mail.canada.sun.com>, "Olga Antropova" <olga@eai.com> > > Subject: Re: SSL patch: Can you do that?? > > Date: Thu, 8 Mar 2001 13:07:33 -0600 > > MIME-Version: 1.0 > > X-Priority: 3 > > X-MSMail-Priority: Normal > > X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 > > > > Hi, > > > > I think *CachingState is not relevant and should not be merged. > > > > I am impressed with the fact that you are almost finished. Please be > careful > > to merge only the pieces that make sense. > > And please be sure to test the resulting patch intensively before > sending it > > to the library. (We do not want to break it :-) > > > > Also I am sure that I have missed some more files. > > > > Olga. > > ----- Original Message ----- > > From: "Srdjan Matovina -- Customer Engineering" > <srdjan@scot.canada.sun.com> > > To: <olga@eai.com> > > Cc: <antonb@discover.canada.sun.com> > > Sent: Thursday, March 08, 2001 10:39 AM > > Subject: Re: SSL patch: Can you do that?? > > > > > Hi Olga, > > > > > > Thanks a lot for ssl over proxy patch code. I am integrating your ssl > > patch into > > > latest libwww. So far I am almost finished with integration except for > the > > > following function implementation that you missed to send: > > > > > > extern void HTRequest_setUseHTTPS(HTRequest *, BOOL val); > > > extern BOOL HTRequest_useHTTPS(HTRequest *); > > > > > > extern void HTRequest_setCachingState(HTRequest *, BOOL val); > > > extern BOOL HTRequest_cachingState(HTRequest *); > > > > > > extern void HTRequest_setHTTPSRequest(HTRequest *, BOOL val); > > > extern BOOL HTRequest_isHTTPSRequest(HTRequest *); > > > > > > extern void HTRequest_saveOrigMethod(HTRequest *); > > > extern HTMethod HTRequest_origMethod(HTRequest *); > > > > > > extern int HTRequest_httpsProxyRetries(HTRequest *); > > > extern void HTRequest_httpsProxyAddRetry(HTRequest *); > > > > > > Those are the function declaration from HTReq.h file. > > > > > > If you could send it to me that would be great. > > > > > > Thanks a lot > > > > > > Srdjan > > > >Date: Wed, 7 Mar 2001 13:12:19 -0500 (EST) > > > >From: Anton Belov -- Customer Engineering > > <antonb@opcom-mail.canada.sun.com> > > > >Subject: SSL patch: Can you do that?? > > > >To: srdjan@canada.sun.com > > > >MIME-Version: 1.0 > > > > > > > > > > > >------------- Begin Forwarded Message ------------- > > > > > > > >X-Authentication-Warning: balefire.eai.com: uucp set sender to > > <olga@eai.com> > > > >using -f > > > >Really-From: olga@eai.com > > > >From: "Olga Antropova" <olga@eai.com> > > > >To: "Anton Belov -- Customer Engineering" > > <antonb@opcom-mail.canada.sun.com>, > > > >"Olga Antropova" <olga@eai.com> > > > >Subject: SSL patch: Can you do that?? > > > >Date: Wed, 7 Mar 2001 11:06:09 -0600 > > > >MIME-Version: 1.0 > > > >X-Priority: 3 > > > >X-MSMail-Priority: Normal > > > >X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 > > > > > > > >Privet Anton! > > > > > > > >I have it working but my codebase is old and the code is not perfect > :-) > > > >(well... ugly) > > > > > > > >Basically in HTAuthFilter I change method from what it was to CONNECT > and > > > >have HTTPS_proxyAfterFilter that changes method back to original if > > connect > > > >was ok. > > > >So I added CONNECT method to the mehtods. > > > >Also I have some changes in HTChannel.c > > > >And I do not use https connection management in HTSSL.c > > > > > > > >So I am attaching the files. > > > >If you can make sense and even make patch for the current version of > www > > of > > > >that stuff it would be great! > > > >I just absolutely have no time for that. > > > > > > > >Let me know if I missed some files. > > > >Caution: the files contain some changes not relevant to SSL support. > > > > > > > >Schastlivo! > > > > > > > >Olga. > > > > > > > > > > > >----- Original Message ----- > > > >From: "Anton Belov -- Customer Engineering" > <antonb@scot.canada.sun.com> > > > >To: <www-lib@w3.org> > > > >Sent: Wednesday, March 07, 2001 10:22 AM > > > >Subject: https & proxy > > > > > > > > > > > >> Hi ! > > > >> > > > >> I'm trying to understand why i cannot do https through proxy (if > anyone > > > >has it > > > >> working, please let me know); To my understanding there are two > ways to > > do > > > >it: > > > >> > > > >> - one is when the communication between client and proxy is > regular > > HTTP, > > > >and > > > >> proxy to the destination is HTTPS. In this case client doesn't > even > > > >need to > > > >> support SSL, because all the SSL work will be done by the proxy, > > which > > > >> requires proxy to be configured for that. And i think not all of > > them > > > >are - > > > >> in my particular case i'd always get "500 Internal Server Error" > > from > > > >the > > > >> proxy. > > > >> > > > >> - the other, and prefered way is to use proxy SSL tunneling, which > is > > > >> established using CONNECT command to the proxy, and getting the > 200 > > > >> response if the destination server has accepted the connection. > > Here's > > > >> the spec for this: > > > >> > > > > > > >http://www.web-cache.com/Writings/Internet-Drafts/draft-luotonen-web-prox > y- > > t > > > >unne > > > >> ling-01.txt > > > >> > > > >> This is not implemented in LibWWW, am i correct ? Is anyone > working > > on > > > >this > > > >> right now ? > > > >> > > > >> > > > >> Best Regards, > > > >> Anton > > > >> > > > >> > > > >> > > > >> > ~v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^vv^v^v^v^v^v^v^v^v^v^v^~ > > > >> > > > >> Anton Belov > > > >> Sun Microsystems Americas Customer Engineering > > > >> anton.belov@canada.sun.com > > > >> Ph. (905)415-2841 Fax. (905)477-0217 > > > >> > > > >> > > > > > > > >------------- End Forwarded Message ------------- > > > > > > > > > > > >~v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^vv^v^v^v^v^v^v^v^v^v^v^~ > > > > > > > >Anton Belov > > > >Sun Microsystems Americas Customer Engineering > > > >anton.belov@canada.sun.com > > > >Ph. (905)415-2841 Fax. (905)477-0217 > > > > > > > > > > ==== > > > Srdjan Matovina > > > Sun Microsystems Americas Customer Engineering > > > srdjan.matovina@canada.sun.com > > > Ph.(905) 415-2883 Fax.(905) 477-0217 > > > > > > > > > > ------------- End Forwarded Message ------------- > > > > > ------------------------------------------------------------------------ > > > > * APPLICATION/x-sun-compress attachment: https-proxy.tar.Z > > > > > ------------------------------------------------------------------------ > > > > * Next message: Attila Uhljar: "POST and pipelining" > > * Previous message: Fengyun Cao: "why webbot hangs on linux..." > > * Next in thread: Srdjan Matovina -- Customer Engineering: "Re: https > over proxy patch" > > * Reply: Srdjan Matovina -- Customer Engineering: "Re: https over > proxy patch" > > * Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] > > * Other mail archives: [this mailing list] [other W3C mailing lists] > > * Mail actions: [ respond to this message ] [ mail a new topic ]
Received on Thursday, 21 June 2001 17:02:34 UTC