proxy --->Server In this environment, the client is behind the http proxy, and the client needs to utilize the proxy http tunnel in"/> proxy --->Server In this environment, the client is behind the http proxy, and the client needs to utilize the proxy http tunnel in">
search

Home  >  Article  >  Backend Development  >  How to send Client Hello through http proxy tunnel

How to send Client Hello through http proxy tunnel

王林
王林forward
2024-02-12 18:06:15463browse

如何通过 http 代理隧道发送 Client Hello

Question content

I have a client that will establish a tls connection to a backend service.

There are two situations I encountered.

  1. Direct network: client--->server

    In this environment, the client connects directly to the server, as shown in the following code. 

var d tls.dialer
   //...
   d.config = &tls.config{
        //...
   }
   //...
   c1 := d.dial("tcp", addr)
  1. Proxy network: client--->proxy--->server

    In this environment, the client is behind an http proxy and the client needs to utilize the proxy http tunnel to forward traffic between the client and the server.

    I use golang.org/x/net/proxy on the client side to connect to the proxy, because the proxy is an http proxy, the client should use net.dialer to connect to the proxy through tcp. 

dailer, err := proxy.FromURL(proxy, &net.Dialer{
        Timeout:   TCP_CONNECT_TIMEOUT,
        KeepAlive: TCP_KEEPALIVE_TIMEOUT,
    })
   c2 := dailer.Dial("tcp", addr)

Case 1, the client starts the tls connection. In the network traffic packet, the client triggers the tcp connection. After 3 handshakes, the client sends client hello to the server.

In case 2, the client first uses tcp to connect to the http proxy (for example 10.0.0.1:8080), next, sends connect to the proxy, and then the proxy returns connectionestablished, But the client does not send client hello to the server.

For case2, I don't know how and where to implement sending client hello on the client side?

Thanks in advance.

Solution

After searching go doc, I found the solution. I hope it will be useful to people who encounter similar problems later.

In tls, there is a function client that can be built from an existing network. Conn, then use Handshake

tlsConn := tls.Client(conn, &tls.Config{
    Certificates:       []tls.Certificate{*cert},
    InsecureSkipVerify: true,
    ServerName:         sni,
    ClientAuth:         tls.RequestClientCert,
})
err = tlsConn.Handshake()

The above is the detailed content of How to send Client Hello through http proxy tunnel. For more information, please follow other related articles on the PHP Chinese website!

golang http
Statement:
This article is reproduced at:stackoverflow.com. If there is any infringement, please contact admin@php.cn delete
Previous article:Is it possible to create a service in Go that both consumes a message stream (from Kafka) and reads REST API requests?Next article:Is it possible to create a service in Go that both consumes a message stream (from Kafka) and reads REST API requests?

Related articles

See more