ProxHTTPSProxy, a Proxomitron SSL Helper Program
|
May. 20, 2010, 08:23 AM
Post: #16
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 20, 2010 07:54 AM)JJoe Wrote: I have some 3rd party modules installed on top of python 2.6.5 but that should not be a problem because they are not used in this program. The SSLError comes from python's standard library and seems related to the certificate file. Please test with the attached proxcert.pem file I am currently use. |
|||
May. 20, 2010, 12:50 PM
Post: #17
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program | |||
May. 20, 2010, 05:27 PM
Post: #18
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
The errors that JJoe has shown look strikingly similar to: http://stackoverflow.com/questions/26300...ertificate
The circumstances are different with a PEM vs. PKCS#12 cert, yet it's happening at the same lines of the Python library. I wonder if the correct 'proxcert.pem' is being found & loaded. |
|||
May. 20, 2010, 11:02 PM
Post: #19
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 20, 2010 12:50 PM)JJoe Wrote: I'll play with it later. Will I need anything from http://www.slproweb.com/products/Win32OpenSSL.html ? I don't have Visual C++ 2008 Redistributables or Shining Light Productions OpenSSL installed. There is also a PyOpenSSL, http://pypi.python.org/pypi/pyOpenSSL . I downloaded Tiny HTTP Proxy in Python from http://www.okisoft.co.jp/esc/python/proxy/ . It worked with Proxo, so part of my install is possibly ok. WebCleaner requires a number of things. It can filter https. http://webcleaner.sourceforge.net/install.html |
|||
May. 21, 2010, 01:30 AM
Post: #20
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 20, 2010 11:02 PM)JJoe Wrote: Will I need anything from http://www.slproweb.com/products/Win32OpenSSL.html ? That might be the point. My OpenSSL copy was installed before I play with python. Sorry I didn't notice python SSL module require it. From the python doc: Quote:This SSL module uses the OpenSSL library. It is available on all modern Unix systems, Windows, Mac OS X, and probably additional platforms, as long as OpenSSL is installed on that platform. |
|||
May. 21, 2010, 01:53 AM
Post: #21
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program | |||
May. 21, 2010, 05:43 AM
Post: #22
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 20, 2010 11:02 PM)JJoe Wrote: WebCleaner requires a number of things. It can filter https.wow! i've not seen this yet, looks VERY promising! |
|||
May. 21, 2010, 08:27 AM
(This post was last modified: May. 23, 2010 07:18 PM by JJoe.)
Post: #23
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 21, 2010 01:53 AM)JJoe Wrote: I'll get it installed. An update before I get some sleep. The exception/error appears to have been fixed by installing Win32OpenSSL-0_9_8n. However, I uninstalled everything and reinstalled and added some. Code: ProxHTTPSProxy/0.1 serving on localhost:8081, <Ctrl-C> to stop ... I think it works. Edit: I can't be sure it worked, http://prxbx.com/forums/showthread.php?t...4#pid14244 . Browser HTTP is sent to The Proxomitron at 8080 Browser HTTPS is sent to ProxHTTPSProxy at 8081 In sidki's Exceptions-U.ptxt Code: # ProxHTTPSProxy So with "ssl.scroogle.org[:/]", Proxo always had a https address to forward to ProxHTTPSProxy and we loop. The new entry only forwards http. No big list or tags needed. A fairly slick FrankenProxy. I'm seeing some exceptions. The... I think you'll get there. To bed. Have fun |
|||
May. 21, 2010, 08:59 AM
Post: #24
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 21, 2010 05:43 AM)ProxRocks Wrote:(May. 20, 2010 11:02 PM)JJoe Wrote: WebCleaner requires a number of things. It can filter https.wow! i've not seen this yet, looks VERY promising! The 2.41 version in the download section won't install with python 2.6. The change log said there was a 2.42 version which uses python 2.6 but there is nowhere to download the windows build. Check its Git repository you can see it is still actively developed. There is another filtering proxy you might be interested. http://middle-man.sourceforge.net/ The delegate project also has the filtering ability. In the end, the XUProxy is what I expected mostly. |
|||
May. 21, 2010, 02:41 PM
Post: #25
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 21, 2010 08:27 AM)JJoe Wrote: I think it works. Great! (May. 21, 2010 08:27 AM)JJoe Wrote: In sidki's Exceptions-U.ptxt This entry will catch http://www.NotHttpsSite.com:8080/ too, which will cause problem. Except for that, maybe we'd better use "ssl.scroogle.org:" with it? If a site uses https for login or some other thing then switch back to http. "www.site.com[:/]" will cause problem on http pages. (May. 21, 2010 08:27 AM)JJoe Wrote: I'm seeing some exceptions. The... I think you'll get there. Here is a slightly updated version. I am not going to handle some exceptions raised by python's standard library. Just leave them there for information. |
|||
May. 21, 2010, 11:16 PM
(This post was last modified: May. 23, 2010 07:18 PM by JJoe.)
Post: #26
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 21, 2010 02:41 PM)whenever Wrote:(May. 21, 2010 08:27 AM)JJoe Wrote: I think it works. Now it doesn't work. Code: ProxHTTPSProxy/0.1a serving on localhost:8081, <Ctrl-C> to stop ... The Proxomitron's log window also looks different now. Edit: http://prxbx.com/forums/showthread.php?t...4#pid14244 . Success -> turn off computer -> turn on computer -> Failure Proxo has done this to me before. Darn... (May. 21, 2010 02:41 PM)whenever Wrote: This entry will catch http://www.NotHttpsSite.com:8080/ too, which will cause problem. The only time I had this work (it doesn't work now), Opera's request for https://www.site.com/ went to ProxHTTPSProxy ProxHTTPSProxy responded 307 http://www.site.com:443/ Opera's request for http://www.site.com:443/ went to The Proxomitron The Proxomitron forwarded this request to ProxHTTPSProxy ProxHTTPSProxy 'tagged' the url with :443. Most of the addresses that I see don't use port number. [^/]++:443&$URL(http://*) $SET(0=i_proxy:3.) $SETPROXY(127.0.0.1:8081) would catch and forward most (almost all?) requests 'tagged' by ProxHTTPSProxy, I think. A small list might handle exceptions. You might be able to use a cookie for a tag. Again, I think. |
|||
May. 22, 2010, 02:01 AM
Post: #27
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 21, 2010 11:16 PM)JJoe Wrote: This is normal. The prompt is there for information. ProxHTTPSProxy reads the request url after the SSL tunnel is established before it can issue a 307 response. Sometimes it is too fast and the client hasn't send the info yet so I use a loop to read forever until it gets the info. (May. 21, 2010 11:16 PM)JJoe Wrote: Success -> turn off computer -> turn on computer -> Failure Now I feel relieved it might not be my program's problem. (May. 21, 2010 11:16 PM)JJoe Wrote: ProxHTTPSProxy 'tagged' the url with :443. Most of the addresses that I see don't use port number. I like this way. |
|||
May. 22, 2010, 02:19 AM
Post: #28
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 22, 2010 01:58 AM)Graycode Wrote: In this I tried to address what I think is the issue you encountered above. The changes I made start at line# 63. The mod reads character by character. I saw them in other python proxy's code too. In my code I read up to 1024 bytes a time because it takes only 1 line and looks simple. Graycode, what's the difference between reading character by character and reading a bunch from a socket? JJoe, if the mod works for you, I would switch to that routine. |
|||
May. 22, 2010, 02:28 AM
(This post was last modified: May. 22, 2010 02:45 AM by Graycode.)
Post: #29
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 22, 2010 02:19 AM)whenever Wrote: Graycode, what's the difference between reading character by character and reading a bunch from a socket? Sorry, I removed that post when I saw you'd responded to JJoe. Did that to avoid interfering with your project. I'll re-upload it if you want, or you can (it's Your ideas & project). The character-by-character was to account for commenting out the setblocking(0), while also being able to accommodate either a short or a long URL. If setblocking(0) does what I think it does then it's unlikely to get the browser's headers with the same packets that completed the SSL handshake. Without waiting (blocking) for data the read() wouldn't have anything in the queue, perhaps leading to that exception. Sometimes a bit of the data might be there, sometimes not. So I figured that using socket blocking was better, and then grabbing the URL char-by-char seemed a reasonable solution to making sure the minimum amount of expected data had arrived before proceeding. |
|||
May. 22, 2010, 04:11 AM
Post: #30
|
|||
|
|||
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(May. 22, 2010 02:28 AM)Graycode Wrote: So I figured that using socket blocking was better, and then grabbing the URL char-by-char seemed a reasonable solution to making sure the minimum amount of expected data had arrived before proceeding. Thanks. Here is the 0.1b version using the char-by-char routine, though I am wondering if it would solve JJoe's issue. |
|||
« Next Oldest | Next Newest »
|