HTTP has CONNECT / GET / POST ... methods. If my client program passes through a proxy to access the web, it looks like: my_client --> proxy --> web server.
OpenSSL is a powerful lib to deal with HTTPS (SSL/TLS). I'm trying to use this lib to access the web server through the middle side proxy server. Without the middle side the client program works well.
I just don't know how to deal with the middle side proxy.
According to the Wireshark packets, the steps are as follows:
1. It should build a connection with the middle side proxy by using the HTTP CONNECT method. The protocol packet contains the web server information.
2. Start the SSL/TLS handshake (client hello / server hello / exchange cipher ...).
3. HTTP request and response with encryption.
The "1." step is easy: just a normal socket connection to the proxy, TCP text with the CONNECT method containing some web server info, and the response "200 OK connect established".
The "2." step failed. I combine the "1." step socket with the SSL context and call SSL_connect to deal with the handshake, and it fails.
What I have tried:
Some code fragments to explain what I'm trying to deal with:
/* Step 1: plain TCP socket and the CONNECT request text */
WSAStartup(MAKEWORD(2,2), &wsaData);
handle = socket(AF_INET, SOCK_STREAM, 0);
connect(handle, (struct sockaddr *) &server, sizeof (struct sockaddr));
Proxy_CONNECT_reqstr(req_str);
/* Step 2: OpenSSL initialisation, then the handshake on the same socket */
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
sslContext = SSL_CTX_new(SSLv23_client_method());
sslHandle = SSL_new(sslContext);   /* same context that was just created */
SSL_set_fd(sslHandle, handle);
SSL_connect(sslHandle);
I hope someone can give me an example of using OpenSSL to access the web server through the middle side proxy.
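An added example, not part of the original post and not OpenSSL's own code: the two socket-level pieces of step 1 that have to complete before step 2, building the CONNECT request and confirming that the proxy's whole reply has been read, since any reply bytes left on the socket would be read by SSL_connect as TLS data. The function names and the host used in the checks are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Build the CONNECT request for step 1.
 * Returns its length, or -1 if buf is too small. */
int build_connect_request(char *buf, size_t cap, const char *host, int port)
{
    int n = snprintf(buf, cap,
                     "CONNECT %s:%d HTTP/1.1\r\nHost: %s:%d\r\n\r\n",
                     host, port, host, port);
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

/* Inspect the bytes received from the proxy so far.
 *   > 0 : tunnel established; value is the offset just past the header block
 *     0 : header block incomplete, call recv() again and re-check
 *    -1 : malformed reply or non-2xx status (tunnel refused) */
int parse_connect_reply(const char *buf, size_t len)
{
    size_t i, end = 0;
    for (i = 0; i + 4 <= len; i++) {
        if (memcmp(buf + i, "\r\n\r\n", 4) == 0) { end = i + 4; break; }
    }
    /* Reject a reply that is not an HTTP/1.x status line as early as possible */
    if (len >= 12 && (memcmp(buf, "HTTP/1.", 7) != 0 || buf[8] != ' '))
        return -1;
    if (end == 0)
        return 0;
    if (len < 12 || buf[9] != '2')
        return -1;
    return (int)end;
}

/* Order on the proxy socket fd, with an OpenSSL handle ssl:
 *   1. send() the request from build_connect_request()
 *   2. recv() in a loop until parse_connect_reply() returns > 0
 *   3. SSL_set_fd(ssl, fd); SSL_set_tlsext_host_name(ssl, host);
 *      SSL_connect(ssl);
 * The certificate presented in step 3 is the web server's, so verify it
 * against the web server's host name, not the proxy's. */
```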