[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-ssl] iSaSiLkLight and proxy



Hello

with iSaSiLkLight you may realize SSL-connections via proxy in a similiar way as done
by the standard edition by specifying proxy name and port when creating a SSLConnection-Object
and "switch off" the auto handshake by calling setAutoHandshake(false). Subsequently you
send the CONNECT command to the proxy to connect to the final target host. If successfuk
you then manuelly start the handshake by calling startHandshake() in a way like:


public class ProxyTest {

  static PrintStream writer = null;
  static DataInputStream reader = null;

  static String proxyName = ...;
  static int proxyPort = ...;

  // connect via Proxy
  public static void proxyConnect(String host, int port) throws IOException {
    String request =
    new String("CONNECT "+host+":"+port+" HTTP/1.0");

    writer.println(request);
    writer.println();
    writer.flush();
    String line = reader.readLine();

    if( (line == null) || (line.startsWith("HTTP/1.") == false) ) {
      throw new IOException("Invalid response from proxy: " + line);
    }
    if( line.substring("HTTP/1.x ".length()).trim().startsWith("2") == false ) {
      throw new IOException("Proxy responded: " + line);
    }
    while( true ) {
      System.out.println("Proxy sends: "+line);
      line = reader.readLine();
      if( (line == null) || (line.length() == 0) ) {
        break;
      }
    }
  }

  public static void main(String[] args) {
      ...
      // Initialisation as accustomed (Context,...)
      ...
      SSLConnection s = null;
      if (proxyName == null) {
        s = new SSLConnection(serverName, serverPort, context);
        s.setDebugStream(System.out);       // debugging info goes to System.out
        reader = new DataInputStream(s.getInputStream());
        writer = new PrintStream(s.getOutputStream());
      } else {
        s = new SSLConnection(proxyName, proxyPort, context);
        s.setDebugStream(System.out);
        // kein automatischer Handshake
        s.setAutoHandshake(false);
        reader = new DataInputStream(s.getInputStream());
        writer = new PrintStream(s.getOutputStream());
        proxyConnect(serverName, serverPort);
        // jetzt kann der Handshake gestartet werden
        s.startHandshake();
      }

      System.out.println("Connection established, using " + s.getActiveCipherSuite().getName());

      writer.println("GET / HTTP/1.0");
      writer.println();
      writer.flush();
      System.out.println("server response:");
      while( true ) { // read response from server
        String line;
        try {
          line = reader.readLine(); // sometimes returns null for EOF, sometimes throws an EOFException
        } catch( EOFException e ) {
          line = null;
        }
        if( line == null ) break;
        System.out.println(line);
      }
      System.out.println("Finished.");

  }

}

However, I am not sure if this will really work in an (unsigned) applet only allowed
to connect back to the target host....

Regards
Dieter Bratko

-----Ursprungliche Nachricht-----
Von: iaik-ssl-owner@iaik.tu-graz.ac.at [mailto:iaik-ssl-owner@iaik.tu-graz.ac.at]Im Auftrag von Alex Ratner
Gesendet: Freitag, 21. September 2001 01:12
An: iaik-ssl@iaik.at
Betreff: [iaik-ssl] iSaSiLkLight and proxy


Hi,

We have written an applet using the iSaSiLkLight.
The applet makes a SSL connection to a server.
But if there is a proxy between the client host and
the Internet, the connection fails.
How can we connect to a server through a proxy
with iSaSiLkLight?

As far as I understand, the full version of iSaSiLk has
means for working with proxies.
What about iSaSiLkLight?

--
Best regards,
Alex Ratner



_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl
 


--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl