Hi all:
I am trying to write an interceptor proxy as an extension to mozilla. It is
something similar to webscarab or paros. I am facing a problem while browsing
some HTTPS sites that use SSLv3 speciafically when I chain another proxy like
squid with my own proxy. The reason for this is as follows. To effectively do a
handshake with the target server when there is another proxy chained with my
proxy, I have written an SSL Client. The client code is similar to what is
described in the SSLSample in mozilla code base
(http://lxr.mozilla.org/seamonkey/source/security/nss/cmd/SSLsample). But I am
still not able to browse sites like
https://www.lufthansa.com/online/portal/lh/de/generalinfo/apps/web_check-in?tl=1&l=en.
I have some limitations to debug this problem as tools like ethereal can't
show encrypted data. What I am sure of though is that the handshake with the
target server is failing. If I chain an interceptor proxy like paros with my
proxy, then everything works fine. This is because paros throws its own
certificate rather than passing on the certificate of the target server.
My question to this forum is, does anybody know if there is anything
missing (especially regarding SSLv3) in the SSLsample that is available in
mozilla's code base? If so, what is it?
Thanks.
Best Regards.
Umesh.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
