[Proxytunnel-users] tunnel over http-proxy not really working with ssl ? (with patch)

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

First of all, i'd like to thank all the contributors to such a small but 
great tool ! Thanks !

Secondly, i tried to create a setup like Dag Wieers described, to use a 
remote proxy which would tunnel to a SSH-daemon, but with encryption 
(ssl) enabled. Otherwise, the layer-7 proxy would still filter out my 
connection :-(

Unfortunately, i couldn't get it to work. But after investigation of the 
various communications (proxytunnel vs. proxy, proxy vs. remote proxy) I 
discovered that proxytunnel was still talking http to the remote proxy, 
when the remote proxy was expecting httpS.

The reason was that the ssl-part was only enabled (do_ssl())_after_ the 
complete proxy-setup was done, which is too late when we want to 
talk SSL to a remote proxy.

I've attached a patch which does the do_ssl() call a bit earlier (during 
proxy_protocol()) and uses a global flag (yugh, ugly) to decide whether we 
need SSL or not when reading/writing sockets.

I've not been able to test whether stuff like ntlm still works, but both 
the encrypted and non-encrypted versions with a remote proxy _do_ work now 
:-)

Cheers,
Taco.
- --
If I'm not here, it means I've gone out to find myself.
If I get back before I return, please keep me here.
- --
GPG KeyID=0x9DD13814
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iD8DBQFE/Yuk6WlwGJ3ROBQRAj6vAJ9bvv9Z85jHFzLKccZs6Zb3V2e70QCgpA4r
xEmB2SbdyJI4g9WTMkccoYQ=
=PGg/
-----END PGP SIGNATURE-----