shragi asked:

HTTPS PROXY USING GNU TLS

I am writing an HTTPS proxy in C++. I am using Ubuntu 10.04 and gnutls-2.10.0.

I know only google.com, i.e. the request is of the form
*******************************
GET https://www.google.com/ HTTP/1.1
User-Agent: NetSurf/2.6 (Linux; i686)
Host: www.google.com
-------
----------

I am able to receive the response in the form of chunks and I am able to see almost the entire content. I am using this statement in a for loop:
ret = gnutls_record_recv (session, buffer_new, MAX_BUF);

I want to come out of the loop after receiving the entire content, i.e. I use different flags like
GNUTLS_E_UNEXPECTED_PACKET_LENGTH
GNUTLS_E_INTERRUPTED

The recv call blocks for a while (nearly 30 mins) even after the entire content is received. I want to know how I can come out. I tried a few options but none of them work. Please help me and explain this.

Thanking you
sweetfa2

Do you disconnect your sender?
shragi (ASKER)

Thanks for the reply. I think I do not need to disconnect by proxy (sender) or my browser.
Because I want my proxy to work for one connection to the web server, but it can handle a few requests from the browser, like

GET https://www.google.com/ HTTP/1.1
GET https://www.google.com/favicon.ico HTTP/1.1


ASKER CERTIFIED SOLUTION
sweetfa2
I don't know why you don't have this in the C and C++ zones.
shragi (ASKER)

I thought I included C++ also. But my loop structure is

for(;;)
{
    memset (buffer_new, 0, MAX_BUF + 1);
    ret = gnutls_record_recv (session, buffer_new, MAX_BUF);
    temp = send(_browser, buffer_new, ret, 0);
}

After receiving the entire content, even if I used gnutls_record_check_pending, I am unable to come out of the loop. I used several flags to check.

But in the last iteration the control blocks at ret = gnutls_record_recv (session, buffer_new, MAX_BUF);





You have not yet got EOF.  Until the socket disconnects you won't get EOF.  As far as I recall there is an ioctl or something you can set on the socket to have it timeout if no more data is received.  No guarantees on that one though - it was a long time ago.
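
On a kept-alive connection no EOF arrives between responses, so the relay loop has to take the end of each response from HTTP/1.1 message framing (Content-Length, or the zero-size last chunk of a chunked body). The following is an added example, not code from this thread or from GnuTLS; `ResponseFramer` and `records_needed` are hypothetical names, the sample response is constructed, and it assumes a well-formed response to a GET (no handling of HEAD, 204 or 304 responses).

```cpp
#include <cctype>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <vector>
using std::string;
// Buffers one HTTP/1.1 response; feed() takes the bytes from each successful
// gnutls_record_recv() and returns true once the framing says the message is complete.
class ResponseFramer {
    string buf_;
    static string header(const string& head, const string& name) {   // header value, or ""
        size_t p = head.find("\r\n" + name + ":");
        if (p == string::npos) return "";
        p += name.size() + 3;
        return head.substr(p, head.find("\r\n", p) - p);
    }
    bool chunked_done(size_t pos) const {
        for (;;) {
            size_t eol = buf_.find("\r\n", pos);
            if (eol == string::npos) return false;                  // size line incomplete
            size_t n = std::strtoul(buf_.c_str() + pos, nullptr, 16);
            if (n == 0) return buf_.find("\r\n\r\n", pos) != string::npos;  // last chunk
            size_t avail = buf_.size() - (eol + 2);
            if (avail < 2 || n > avail - 2) return false;           // chunk not fully received
            pos = eol + 2 + n + 2;                                  // skip data and its CRLF
        }
    }
public:
    bool feed(const char* data, size_t len) {
        buf_.append(data, len);
        size_t end = buf_.find("\r\n\r\n");
        if (end == string::npos) return false;                      // headers still arriving
        string head = buf_.substr(0, end + 2);
        for (char& c : head) c = (char)std::tolower((unsigned char)c);
        if (header(head, "transfer-encoding").find("chunked") != string::npos)
            return chunked_done(end + 4);
        string cl = header(head, "content-length");   // absent: body ends only at close
        return !cl.empty() && buf_.size() - (end + 4) >= std::strtoul(cl.c_str(), nullptr, 10);
    }
};
// Number of records consumed before the response was complete (0 = never complete).
size_t records_needed(const std::vector<string>& recs) {
    ResponseFramer f;
    for (size_t i = 0; i < recs.size(); ++i)
        if (f.feed(recs[i].data(), recs[i].size())) return i + 1;
    return 0;
}
int main() {  // constructed sample: a chunked response split across three TLS records
    std::vector<string> recs = {"HTTP/1.1 200 OK\r\nTransfer-Encoding: chunked\r\n\r\n5\r\nhel", "lo\r\n", "0\r\n\r\n"};
    std::printf("complete after %zu records\n", records_needed(recs));
}
```

In the proxy loop, a fresh `ResponseFramer` would be created per request, and reading from the server stops as soon as `feed()` returns true instead of waiting on another blocking receive.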

shragi (ASKER)

Actually I am using only one socket, or only allowing a single connection from the proxy to the web server. I am able to see all the content back, but unable to understand exactly how to find the EOF.

There might be some other means in a normal HTTP proxy to stop receiving in the recv() method. I used the MSG_DONTWAIT flag.
I used select() to take care of which socket to read previously. But here I am unable to come out of that hanging statement.
 
shragi (ASKER)

Thanks a lot, I am able to find the pattern at EOF and came out of the loop. Can you help me with the next question or any suggestion?

I am writing an HTTPS proxy.
I am using gnutls to connect to https:www.google.com and I am able to receive the complete response and render it back to the browser.

Initially the loop structure is:
establishing gnu tls session here //need help here -----1
do
{
    select()
    if (browser wants to talk)
        //in a loop
        then send received request to server
    if (server wants to talk)
        //in a loop
        receive data and send back to browser
} while(true)

The initial request is of the form https:www.google.com...and works fine.

After that the browser sends another request like
GET https://www.google.com/favicon.ico HTTP/1.1
----
----

Here I know that the web server is not closing the TCP connection because I am able to see it in Wireshark, but I think the gnutls session is closed.

Does someone know how a rehandshake is established, or can someone confirm how the protocol needs to work after this step to render the complete google.com page in the browser?

I hope the session needs to be recreated (not sure), or I need to use some method calls like rehandshake to re-establish the session.

Please help me regarding this.