Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share

c# - SSL (https) error on my custom proxy server

Here's my code! When I send an http request from Firefox it works fine! But when I try https, Firefox replies with this:

An error occurred during a connection to mail.yahoo.com. SSL received a record with an unknown content type. (Error code: ssl_error_rx_unknown_record_type)

I debugged the code: it successfully connects to https and receives the bytes, but when it passes them to the socket they are rejected:

There's a listener on 8080, and my code is:

    // Accept every server certificate (AcceptAllCertifications is not shown here).
    ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications);
    System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;
    CookieContainer cookie = new CookieContainer();
    // Turn a "host:443" target into an https:// URL for HttpWebRequest.
    if (strClientConnection.Contains("443"))
    {
        strClientConnection = "https://" + strClientConnection.Replace(":443", "");
    }
    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(strClientConnection);
    request.CookieContainer = cookie;
    request.KeepAlive = true;
    request.Timeout = 120000;
    request.AllowAutoRedirect = true;
    request.ReadWriteTimeout = 120000;
    request.Method = "POST";
    using (HttpWebResponse myWebResponse = (HttpWebResponse)request.GetResponse())
    {
        bool isSuccess = (int)myWebResponse.StatusCode < 299 && (int)myWebResponse.StatusCode >= 200;
        if (isSuccess)
        {
            using (Stream reader = myWebResponse.GetResponseStream())
            {
                // Copy the response body to the browser socket in 32-byte chunks.
                int BytesRead = 0;
                Byte[] Buffer = new Byte[32];
                int BytesSent = 0;
                BytesRead = reader.Read(Buffer, 0, 32);

                while (BytesRead != 0)
                {
                    m_sockClient.Send(Buffer, BytesRead, 0);
                    BytesSent += BytesRead;
                    BytesRead = reader.Read(Buffer, 0, 32);
                }
            }
        }
    }

1 Answer


An HTTP proxy normally does not make the HTTPS request itself (unless it's specifically designed to make an "official" Man-In-The-Middle attack).

HTTP clients (including browsers) use the HTTP CONNECT method to tell the proxy server to forward the entire HTTPS request (effectively, the SSL/TLS tunnel) to the target HTTPS server.

When you get a CONNECT request on your proxy (say CONNECT host.example.org:443), you should make a direct TCP connection to host.example.org:443 and relay its content (both ways) to the browser, without alteration.
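
The CONNECT handling described in this answer, as an added C# example (it is not code from the question or from the answer). The class and method names are illustrative, the listener port 8080 is taken from the question, and restricting the tunnel to port 443 is a policy assumed here so the proxy does not relay to arbitrary ports.

```csharp
using System.Net;
using System.Net.Sockets;
using System.Text;
using System.Threading.Tasks;

static class ConnectTunnel   // hypothetical name, not from the original page
{
    // Accepts only "CONNECT host:443 HTTP/1.x"; the port-443 restriction is an assumed policy.
    public static bool TryParseConnect(string requestLine, out string host, out int port)
    {
        host = null; port = 0;
        string[] parts = requestLine.Split(' ');
        if (parts.Length != 3 || parts[0] != "CONNECT") return false;
        int colon = parts[1].LastIndexOf(':');
        if (colon <= 0 || !int.TryParse(parts[1].Substring(colon + 1), out port)) return false;
        host = parts[1].Substring(0, colon);
        return port == 443;
    }
    // Status lines are ASCII-only, so the character count equals the byte count.
    static Task Send(NetworkStream s, string t) => s.WriteAsync(Encoding.ASCII.GetBytes(t), 0, t.Length);

    static async Task HandleAsync(TcpClient browser)
    {
        using (browser)
        using (NetworkStream client = browser.GetStream())
        using (var upstream = new TcpClient())
        {
            // Read the request head byte by byte so none of the TLS bytes that follow are consumed.
            var head = new StringBuilder();
            int b;
            while (head.Length < 8192 && (b = client.ReadByte()) != -1)
            {
                head.Append((char)b);
                if (head.Length >= 4 && head.ToString(head.Length - 4, 4) == "\r\n\r\n") break;
            }
            if (!TryParseConnect(head.ToString().Split('\r')[0], out string host, out int port))
            { await Send(client, "HTTP/1.1 403 Forbidden\r\n\r\n"); return; }
            await upstream.ConnectAsync(host, port);
            NetworkStream server = upstream.GetStream();
            await Send(client, "HTTP/1.1 200 Connection Established\r\n\r\n");
            // From here the proxy copies opaque TLS records both ways and never decrypts them.
            await Task.WhenAny(client.CopyToAsync(server), server.CopyToAsync(client));
        }
    }
    static async Task Main()
    {
        var listener = new TcpListener(IPAddress.Loopback, 8080); // 8080 as in the question
        listener.Start();
        while (true) _ = HandleAsync(await listener.AcceptTcpClientAsync());
    }
}
```

Because the browser performs the TLS handshake with the target through the tunnel, certificate validation stays in the browser and the proxy needs no certificate callback or protocol setting of its own.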

