[ Zn+Zdc ] Implementation of HTTPS proxying using HTTP CONNECT tunneling
Locked
[ Zn+Zdc ] Implementation of HTTPS proxying using HTTP CONNECT tunneling
 
|
Hi,
Yesterday I did a first implementation of HTTPS proxying using HTTP CONNECT tunneling for Zn+Zdc, this should now be tested by a wider audience. With this new feature it should now be possible to access HTTPS Urls from behind an HTTP proxy. This is for all OS platforms. Thanks Nicolai for finding the spec reference and Torsten for the push. In Zn #bleedingEdge === Name: Zinc-HTTP-SvenVanCaekenberghe.437 Author: SvenVanCaekenberghe Time: 6 October 2015, 9:57:35.790306 pm UUID: 96b9026b-561e-4d6f-88b7-46389b163e99 Ancestors: Zinc-HTTP-SvenVanCaekenberghe.436 Implementation of HTTPS proxying using HTTP CONNECT tunneling https://en.wikipedia.org/wiki/HTTP_tunnel#HTTP_CONNECT_tunneling http://www.ietf.org/rfc/rfc2817.txt (section 5) Rewrite ZnClient>>#newConnectionTo: with delegate to newly added ZnClient>>#setupTLSTo: which implements the mechanism described in the links above Change ZnClient>>#readResponse: not to expect a body with a CONNECT request Change ZnHeaders>>#request: to use #authorityWithPort for the Host header Add ZnNetworkingUtils [class]>>#secureSocketStreamOn: Change ZnRequestLine>>#writeOn: to write the correct Request-URI portion of the Request-Line in case of CONNECT and/or plain HTTP(S) proxying Tested with Squid 3 as proxy === Name: Zinc-Resource-Meta-Core-SvenVanCaekenberghe.54 Author: SvenVanCaekenberghe Time: 6 October 2015, 9:58:39.204572 pm UUID: 134e875c-d2dd-4970-9697-b9d56833d77d Ancestors: Zinc-Resource-Meta-Core-SvenVanCaekenberghe.53 Add ZnUrl>>#authorityWithPort and ZnUrl>>#hasSecureScheme === Name: Zinc-Tests-SvenVanCaekenberghe.234 Author: SvenVanCaekenberghe Time: 6 October 2015, 9:59:59.387302 pm UUID: d2831cd8-fa01-4f44-8533-f5045dabbd7d Ancestors: Zinc-Tests-SvenVanCaekenberghe.233 Modify ZnClientTests>>#testIfFailNonExistingHost because of different behavior when a proxy is involved === On my machine all Zn+Zdc tests succeed with a proxy set (squid 3). Let's hope it works for others too. I did not yet test proxy authorization but I think it should work like before. An HTTP Proxy can be set in World > System > Settings Here is some code to do a simple test ZnClient new get: 'https://s3-eu-west-1.amazonaws.com/public-stfx-eu/test-2050.txt'. ZnClient new get: 'https://s3-eu-west-1.amazonaws.com/public-stfx-eu/small.html'. ZnClient new get: 'http://stfx.eu/small.html'. ZnNetworkingUtils default isProxySet. ZnNetworkingUtils shouldProxyUrl: 'https://s3-eu-west-1.amazonaws.com/public-stfx-eu/small.html' asUrl. Regards, Sven |
Re: [ Zn+Zdc ] Implementation of HTTPS proxying using HTTP CONNECT tunneling
|
|
Sven Van Caekenberghe <[hidden email]> writes: > Yesterday I did a first implementation of HTTPS proxying using HTTP > CONNECT tunneling for Zn+Zdc, this should now be tested by a wider > audience. With this new feature it should now be possible to access > HTTPS Urls from behind an HTTP proxy. This is for all OS platforms. > Thanks Nicolai for finding the spec reference and Torsten for the > push. I have no use for that but I think this goes in the right direction. Thank you very much! -- Damien Cassou http://damiencassou.seasidehosting.st "Success is the ability to go from one failure to another without losing enthusiasm." --Winston Churchill |
|
|
In reply to this post by Sven Van Caekenberghe-2
Big applaud :)
TX!!!! Le 7/10/15 09:37, Sven Van Caekenberghe a écrit : > Hi, > > Yesterday I did a first implementation of HTTPS proxying using HTTP CONNECT tunneling for Zn+Zdc, this should now be tested by a wider audience. With this new feature it should now be possible to access HTTPS Urls from behind an HTTP proxy. This is for all OS platforms. Thanks Nicolai for finding the spec reference and Torsten for the push. > > In Zn #bleedingEdge > > === > Name: Zinc-HTTP-SvenVanCaekenberghe.437 > Author: SvenVanCaekenberghe > Time: 6 October 2015, 9:57:35.790306 pm > UUID: 96b9026b-561e-4d6f-88b7-46389b163e99 > Ancestors: Zinc-HTTP-SvenVanCaekenberghe.436 > > Implementation of HTTPS proxying using HTTP CONNECT tunneling > > https://en.wikipedia.org/wiki/HTTP_tunnel#HTTP_CONNECT_tunneling > http://www.ietf.org/rfc/rfc2817.txt (section 5) > > Rewrite ZnClient>>#newConnectionTo: with delegate to newly added ZnClient>>#setupTLSTo: which implements the mechanism described in the links above > > Change ZnClient>>#readResponse: not to expect a body with a CONNECT request > > Change ZnHeaders>>#request: to use #authorityWithPort for the Host header > > Add ZnNetworkingUtils [class]>>#secureSocketStreamOn: > > Change ZnRequestLine>>#writeOn: to write the correct Request-URI portion of the Request-Line in case of CONNECT and/or plain HTTP(S) proxying > > Tested with Squid 3 as proxy > === > Name: Zinc-Resource-Meta-Core-SvenVanCaekenberghe.54 > Author: SvenVanCaekenberghe > Time: 6 October 2015, 9:58:39.204572 pm > UUID: 134e875c-d2dd-4970-9697-b9d56833d77d > Ancestors: Zinc-Resource-Meta-Core-SvenVanCaekenberghe.53 > > Add ZnUrl>>#authorityWithPort and ZnUrl>>#hasSecureScheme > === > Name: Zinc-Tests-SvenVanCaekenberghe.234 > Author: SvenVanCaekenberghe > Time: 6 October 2015, 9:59:59.387302 pm > UUID: d2831cd8-fa01-4f44-8533-f5045dabbd7d > Ancestors: Zinc-Tests-SvenVanCaekenberghe.233 > > Modify ZnClientTests>>#testIfFailNonExistingHost because of different behavior when a proxy is involved > === > > On my machine all Zn+Zdc tests succeed with a proxy set (squid 3). Let's hope it works for others too. I did not yet test proxy authorization but I think it should work like before. > > An HTTP Proxy can be set in World > System > Settings > > Here is some code to do a simple test > > ZnClient new get: 'https://s3-eu-west-1.amazonaws.com/public-stfx-eu/test-2050.txt'. > > ZnClient new get: 'https://s3-eu-west-1.amazonaws.com/public-stfx-eu/small.html'. > > ZnClient new get: 'http://stfx.eu/small.html'. > > ZnNetworkingUtils default isProxySet. > > ZnNetworkingUtils shouldProxyUrl: 'https://s3-eu-west-1.amazonaws.com/public-stfx-eu/small.html' asUrl. > > Regards, > > Sven > |
«
Return to Pharo Smalltalk Developers
|
1 view|%1 views
| Free forum by Nabble | Edit this page |