Post Reply 
exception error raised in sslstart
Jan. 07, 2009, 12:18 PM
Post: #46
RE: exception error raised in sslstart
(Jan. 07, 2009 11:31 AM)ProxRocks Wrote:  
(Jan. 07, 2009 03:57 AM)Oddysey Wrote:  Given the above, Proxo can indeed be said to be accessing, and filtering on, another port besides 80/443. A bit strange that Scott never mentioned this...

to clarify, Proxo does perform DNS Port 53 lookups, however, that does NOT mean that Proxo can FILTER DNS Port 53 lookups...

It seems we have a misunderstanding regarding local and remote ports here.

http://www.geocities.com/sidki3003/prox/...tc/FAQ.txt :
Quote:Q3: What local ports are involved in the request/response chain?

A3: Prox listens locally on port 8080 (by default), the browser sends its
request from a low range random port to 8080, Prox opens a low range
random port and sends the request to the outside world (usually remote
port 80), the reply from the outside world is addressed to this same port,
Prox sends the reply from port 8080 to the local port that the browser
previously opened.

IOW:
Proxomitron listens on one single local port for incoming (by default local) user-agent HTTP(S) requests, filters their headers, then forwards them.

It doesn't matter at all, to which remote port the forwarded request is going. However, usually it's port 80. Sometimes 443, sometimes 8080, sometimes a random port.
Add Thank You Quote this message in a reply
Jan. 07, 2009, 03:00 PM
Post: #47
RE: exception error raised in sslstart
(Jan. 07, 2009 03:20 AM)whenever Wrote:  Maybe it is the time for us to upgrade to the latest openssl build?

Yep. Unfortunately i don't have the knowledge to do that. If you know someone who can do it, great. If you want to contact the author of the original 2003 patch, let me know, maybe his old email address is still valid.
Add Thank You Quote this message in a reply
Jan. 07, 2009, 07:02 PM
Post: #48
RE: exception error raised in sslstart
(Jan. 07, 2009 12:45 AM)ProxRocks Wrote:  keep in mind, the ONLY time i've seen this error is when NO web browser is even open...
when Proxo sat "idle" for 'at least' an HOUR...
bam, out of the blue, no 'net activity at all, Proxo throws up the error...

That seems strange. Surely there must have been some background request to the proxy for Windows Update, WGA Revalidation, Antivirus Definitions, etc. Proxo would not be doing anything on its own without a request to process.
Add Thank You Quote this message in a reply
Jan. 07, 2009, 07:49 PM
Post: #49
RE: exception error raised in sslstart
sidki, I think ProxRocks has it correct, or at least mostly correct. I don't know about the random part, but indeed, the browser first requests a resolution of the alphanumeric name entered on the address bar. That process starts with the OS, and if needful, is then handed off, at local port 53, to the nearest DNS (usually one's ISP), or to an assigned one (again, usually one's ISP). The Domain Name Resolution process does not use ports 80, 8080, or any other port beyond 53. (Unless the machine's SysAdmin has monkeyed with the OS's port assignments.)

But, ProxRocks, I contend that Proxo is indeed filtering the outgoing name resolution request. If it didn't then how would you describe the operation of these filters (taken from Scott's default config)?

Code:
In = FALSE
Out = FALSE
Key = "URL: Un-Prefixer (Out)"
Match = "[^\]+\w[^a-z]((http|ftp)(%3A|:)(%2F|/)[^&]+)\1"
Replace = "$JUMP($UESC(\1))"

or:

In = FALSE
Out = FALSE
Key = "URL: Enable Netscape Keywords (Out)"
URL = "[^./]+/(^?)&\w[a-z]&$RDIR(http://keyword.netscape.com/keyword/\h)"

Looking at them (and with a little help from JJoe, early on in my Proxo life), I got the idea to do this, while I was active at Yahoo:

Code:
In = TRUE
Out = FALSE
Key = "URL: Yahoo mail jump past "Empty" page July4 (IN)"
URL = "[^/]++mail.yahoo.com/mc/showFolder\?E&$JUMP(http://\h/mc/showFolder?fid=Inbox)"

I also wrote this (by myself, thank you Wink ):

Code:
In = TRUE
Out = FALSE
Key = "URL: (my) mail jump to secure filtering (IN)"
URL = "https://www.xyzabc.com/mod.php?mod=compose/$JUMP(http://https..www.xyzabc.com/mod.php?mod=compose)"

I'd be hard-pressed to find some other description for these actions besides "filtering the outgoing address", which as we've established, happens on Port 53 (when going outside of one's machine).




Oddysey

I'm no longer in the rat race - the rats won't have me!
Add Thank You Quote this message in a reply
Jan. 13, 2009, 02:01 PM
Post: #50
RE: exception error raised in sslstart
I found a link where proxomitron causes a error in SSL. To see it, clear your cache and go to https://addons.mozilla.org/seamonkey/addon/445

My dlls are dated from 2004, and i can't debug the code of a secure page...
Add Thank You Quote this message in a reply
Jan. 13, 2009, 03:04 PM
Post: #51
RE: exception error raised in sslstart
(Jan. 13, 2009 02:01 PM)lnminente Wrote:  My dlls are dated from 2004, and i can't debug the code of a secure page...

Doesn't http://_YOUR_CHOSEN_PREFIX_dbug..https..addons.mozilla.org/en-US/seamonkey/addon/445 work for you?
Add Thank You Quote this message in a reply
Jan. 13, 2009, 04:15 PM (This post was last modified: Jan. 13, 2009 04:59 PM by lnminente.)
Post: #52
RE: exception error raised in sslstart
Ups, sorry! The problem was in the connection settings of my browser, i didn't use to filter ssl content :/

Now the connection settings are well, proxomitron configured to filter SSL pages, and it seems i need to update the dll files...
Now the cert! Saint Geek give me patience!!

dlls from sidki: http://sidki.proxfilter.net/prox/ssl-stu...d-rev1.zip
cert from yahoo groups: http://groups.yahoo.com/group/prox-list/...080923.zip

Testing in Firefox 3.0.5 and 3.1b2(lot faster) i had to accept a lot of ssl problems and exceptions... doesn't seem very promising...

Is it usual to have 16 "active" connections for a while after loading the secure page?
Add Thank You Quote this message in a reply
Jan. 13, 2009, 05:29 PM
Post: #53
RE: exception error raised in sslstart
Nope.

BTW, you don't need to configure an HTTPS proxy for your browser while using URL commands like above.
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: