[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: httpapi and proxy servers

To: <ftpapi@xxxxxxxxxxxxx>
Subject: RE: httpapi and proxy servers
From: "Ian Patterson" <ian@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 15 Sep 2004 17:45:03 +0100
Importance: Normal
In-reply-to: <20040915110419.K62907@grungy.dstorm.net>
Reply-to: ftpapi@xxxxxxxxxxxxx
Sender: owner-ftpapi@xxxxxxxxxxxxx

Sender: "Ian Patterson" <ian@xxxxxxxxxxxxxxxxxxxx>

Thanks Scott,

Just so I fully understand the situation -
When I send an http post using HTTPAPI via SSL, all of the http header info,
(e.g. content type, User Agent etc) is encoded.
So the destination address is further 'up' in the TCP headers somewhere and
not part of the HTTP data. (Which is why I thought it might be clear).

Hence I don't need to 'see' my 443 http stuff in the sniffer to determine
what the proxy is doing, I can change it to port 80.

Therefor the main problem I forsee will be to transmit on a different port
to 443, as our test proxy requires a port connection something like 8080.

Regards

Ian Patterson

ian@xxxxxxxxxxxxxxxxx <mailto:ian@xxxxxxxxxxxxxxxxx>

Grange IT Limited
tel 01947 880458
www.grangesystems.com



-----Original Message-----
From: owner-ftpapi@xxxxxxxxxxxxx [mailto:owner-ftpapi@xxxxxxxxxxxxx]On
Behalf Of Scott Klement
Sent: 15 September 2004 17:08
To: ftpapi@xxxxxxxxxxxxx
Subject: RE: httpapi and proxy servers


Sender: Scott Klement <sk@xxxxxxxxxxxxxxxx>


> Q1. Does anyone know if the HTTP headers are clear in a 443 transmission ?

Whenever you work with SSL, you encrypt everything.  SSL acts as a "layer"
that's inbetween your program and the socket API.  It takes all of the
data that you send to it, encrypts it, and then passes the encrypted data
to the actual send() API for the socket.

It doesn't know what the data on the socket is, it doesn't understand that
some of it is headers and other parts are data.  It just encrypts
everything.

The nice thing about this design is you can use it for other protocols
besides HTTP.  You can use it for Telnet/TN5250, FTP, LDAP, IMAP, etc,
since it doesn't need to understand the underlying protocol.


> Q2. Does anyone have a recommendation for a sniffer that works with port
443
> ?

Nope.  However, if you sniff port 80, you should be able to do the same
thing on port 443.  The only difference between them should be the letters
'http' instead of 'https' and the fact that port 443 is encrypted.

And, don't forget that it's possible to use other ports besides 80 & 443.
:)

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------


-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------

Follow-Ups:
- RE: httpapi and proxy servers
  - From: Scott Klement

References:
- RE: httpapi and proxy servers
  - From: Scott Klement

Prev by Date: RE: httpapi and proxy servers
Next by Date: RE: httpapi and proxy servers
Previous by thread: RE: httpapi and proxy servers
Next by thread: RE: httpapi and proxy servers
Index(es):
- Date
- Thread