Thanks Francois for uploading and updating the file. Francois also asks me to explain a little what's done in the modification.
It's actually similar to the socks support. Instead of using a socks4 or socks5 proxy, the changes allow a socket to tunnel through HTTP proxy that supports the CONNECT method. Basic authentication scheme is supported. I tried to mimic the existing socks support code and add http proxy support in parallel. Please note that some HTTP proxy server configurations do not support CONNECT method on none-443 ports. The changes are for ICS version 5 beta. Many people (Team ICS and the list members) know ICS and Delphi much better than I do. It would be great for you to review the changes to make sure I'm doing it right :) Below are some issues that I can think of. Some are in my modification some in the existing code for socks proxy support, which will take more time to improve, and I am not the right person to fix it really. - socks and SSL support in existing ICS code is not done in the ideal way. As it is now, a socket is either an SSL socket or a socks socket. An SSL connection should also also be able to go through a proxy server, but not with the current code. The SSL support should ideally be on top of proxy (socks or http proxy) support. - http proxy support is added in parallel to socks, and http processing is done after socks processing in the code. Only one type of proxy (socks or http) can be used in one socket. This design of course will not support proxy chaining. Ideally, proxy support should be flexible enough to chain any number of socks and http proxies that support CONNECT method. - the modification supports Basic authentication scheme only, and does not support Digest authentication scheme (quite some work :) - Once HTTP header is received, I'm reading one byte a time to read the rest of the reply, which is not the most efficient way. Since it's mostly reading from a buffer in memory, it should not be a big deal. This has no impact if HTTP proxy is not in use. -- Best regards, Jack Saturday, December 9, 2006, 1:13:30 AM, you wrote: > Updated today. > -- > Contribute to the SSL Effort. Visit > http://www.overbyte.be/eng/ssl.html > -- > [EMAIL PROTECTED] > http://www.overbyte.be > ----- Original Message ----- > From: "Francois PIETTE" <[EMAIL PROTECTED]> > To: <[email protected]> > Sent: Friday, December 08, 2006 8:27 PM > Subject: [twsocket] TWSocket support for HTTP proxy >> Jack has patched the latest beta (Downloaded about a week ago) to have >> TWSocket support http proxy tunneling. I've uploaded the file at >> http://www.overbyte.be/arch/dump/WSocketHttpProxy.zip for everyone review. -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
