The request will be something like CONNECT <host:port> HTTP/1.0
You need to open a connection to host:port. Anything you get from your client, you pass along to host:port. Anything you get from host:port you pass along to your client. It doesn't matter if the request is SSL. If you decrypt the messages from host:port and reencrypt them for your client, the client should (hopefully) recognize that as a bucket-brigade attack, since the SSL certificate doesn't match the requested web page URL. -----Original Message----- From: Steve Sapovits [mailto:[EMAIL PROTECTED]] Sent: Saturday, July 06, 2002 4:09 PM To: [EMAIL PROTECTED] Subject: SSL proxying I wrote a simple proxy using LWP. The long term intent will be to filter HTTP transactions for certain internal applications. This works fine for regular HTTP requests/responses. But requesting an SSL page, I'm not sure what to do with the CONNECT request. Is there sample code somewhere on the web showing how to extend simple proxying to include SSL? FYI, I use SSL regularly as part of standard https requests when using LWP strictly as an automated browser engine. So the prerequisite SSL pieces (OpenSSL, SSLeay) are installed and working for that sort of usage. -- Steve Sapovits GSI Commerce http://www.gsicommerce.com Email: [EMAIL PROTECTED] ********************************************************************** This e-mail is intended only for the addressee named above. As this e-mail may contain confidential or privileged information, if you are not the named addressee, you are not authorised to retain, read, copy or disseminate this message or any part of it. ************************************************************************
