Article delegate-en/2341 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] Using upstream proxy with sslway
14 Jul 2003 10:57:25 GMT "Marc Erdmann" <peueqbdyi-53hcb3o2uctr.ml@ml.delegate.org>


Hello,

I try to get the following setup running:

HTTP-Client ---> DELEGATE --(HTTPS-Connect)--> Squid-Proxy with CONNECT
enabled (10.0.0.5) ----> HTTPs Server requiring user certificates
(securedsite)

I converted the certificates I tested with my web browser to PEM and
started delegated with the following command line:

delegated -f -v CACHE=no SERVER=http -P8005 DGROOT="/tmp/delegate"
PERMIT="*:*:*" SSLTUNNEL="10.0.0.5:80"  MOUNT="/* https://securedsite/*"
FSV="/usr/local/sbin/sslway -cert /etc/delegate/securedsite.pem -pass
pass:Geheim"

The browser reports "Document contains no data" and I assume that sslway
loads the certificate correctly but fails to negotiate with the webserver,
which is not under my control. I also have no access to the squid's
logfiles.

Does anyone knows how to solve this problem or has a similar setup running?

thanks in advance
   marc erdmann

Debug output:
07/14 12:59:18.61 [14029] 0+0: PORT= 8005/8 (31,69)
07/14 12:59:18.61 [14029] 0+0: OWNER=nobody =>
OWNER=nobody/nobody(nobody/nobody)
07/14 12:59:18.61 [14029] 0+0: default netmask 127.0.0.1/. = FFFFFF00
07/14 12:59:18.61 [14029] 0+0: REMITTABLE =
http,https/{443,563},gopher,ftp,wais
07/14 12:59:18.61 [14029] 0+0: PATH: gzip -> /bin/gzip
07/14 12:59:18.61 [14029] 0+0: #### gzip = [/bin/gzip]gzip
07/14 12:59:18.61 [14029] 0+0: #### gunzip = [/bin/gzip]gzip -d
07/14 12:59:18.61 [14029] 0+0: ADMIN=root@p10 protocol=http(specialist)
-delegated[14029]- WARNING! ADMIN="your_mail_address" should be specified.
-delegated[14029]- INFO: using ADMIN=root@p10 given at compile time.
07/14 12:59:18.61 [14029] 0+0: MOUNT[0]X[3] /-/builtin/icons/* = default
07/14 12:59:18.61 [14029] 0+0: MOUNT[1]X[4] /-/* =
forbidden,from=!.RELIABLE,default
07/14 12:59:18.61 [14029] 0+0: MOUNT[2]X[0] /-* = default
07/14 12:59:18.61 [14029] 0+0: MOUNT[3]X[1] /=* = default
07/14 12:59:18.61 [14029] 0+0: MOUNT[4]X[2] /*
https://wpdirect.westlb.sko.de/*
07/14 12:59:18.61 [14029] 0+0: gethostbyname(securedsite) unknown[0.00s]
07/14 12:59:18.61 [14029] 0+0: ERROR MOUNT.rhost[1] securedsite ? unknown
07/14 12:59:18.61 [14029] 0+0: Stay open PIDFILE for accept() lock[fd=5]
07/14 12:59:18.61 [14029] 0+0: env[23]
LIBPATH=.;/etc/delegate;/tmp/delegate/lib;.
07/14 12:59:18.61 [14029] 0+0: env[25] RESOLV=cache,file,dns
07/14 12:59:18.61 [14029] 0+0: arg[3] CACHE=no
07/14 12:59:18.61 [14029] 0+0: arg[4] SERVER=http
07/14 12:59:18.61 [14029] 0+0: arg[6] DGROOT=/tmp/delegate
07/14 12:59:18.61 [14029] 0+0: arg[7] PERMIT=*:*:*
07/14 12:59:18.61 [14029] 0+0: arg[8] SSLTUNNEL=10.0.0.5:80
07/14 12:59:18.61 [14029] 0+0: arg[9] MOUNT=/*
https://wpdirect.westlb.sko.de/*
07/14 12:59:18.61 [14029] 0+0: arg[10] FSV=/usr/local/sbin/sslway -cert
/etc/delegate/securedsite.pem -pass pass:Geheim
07/14 12:59:18.61 [14029] 0+0: DELEGATE_Modified[0]: 3f128cfe
07/14 12:59:18.61 [14029] 0+0: --INITIALIZATION DONE--
07/14 12:59:18.62 [14030] 1+0: -- Fork(SequentialServer): 14029 -> 14030
07/14 12:59:18.63 [14030] 1+1: (0) accepted [19]
-@[18.22.130.10]client:4370 (0.003s)(1)
07/14 12:59:18.63 [14030] 1+1: Proxy: host=client; User-Agent:
Mozilla/4.75 [de]C-CCK-MCD DT  (WinNT; U); DIRECT
07/14 12:59:18.63 [14030] 1+1: HCKA:[0] Keep-Alive; host=client;
(User-Agent: Mozilla/4.75 [de]C-CCK-MCD DT  (WinNT; U))
07/14 12:59:18.63 [14030] 1+1: *** / => https://securedsite/ ***
07/14 12:59:18.63 [14030] 1+1: REQUEST - GET / HTTP/1.0^M
07/14 12:59:18.63 [14030] 1+1: *** / => https://securedsite/ ***
07/14 12:59:18.63 [14030] 1+1: REQUEST +M https://securedsite/ HTTP/1.0^M
07/14 12:59:18.63 [14030] 1+1: PATH>
https://p10:443!p10:8005!client:4370!anonymous@client;1058180358
07/14 12:59:18.63 [14030] 1+1: REQUEST = [https://securedsite:443/] GET /
HTTP/1.0^M
07/14 12:59:18.63 [14030] 1+1: XHost: (0,0,1) securedsite <= p10:8005
07/14 12:59:18.69 [14030] 1+1: SSLtunnel connected [14] {10.0.0.5:80 <-
p10:37707} [0.065s]
07/14 12:59:18.69 [14030] 1+1: SSL-TUNNEL<< securedsite:443
07/14 12:59:18.78 [14030] 1+1: SSL-TUNNEL>> HTTP/1.0 200 Connection
established^M
07/14 12:59:18.78 [14030] 1+1: SSL-TUNNEL>> ^M
07/14 12:59:18.85 [14030] 1+1: [FSV] 07/14 12:59:18.85 [14030] 1+1: HTTP
=> (securedsite:443) GET / HTTP/1.0^M
07/14 12:59:18.85 [14031] 1+1: -- Fork(FSV): 14030 -> 14031
07/14 12:59:18.85 [14031] 1+1: #### execFilter[FSV] /usr/local/sbin/sslway
-cert /etc/delegate/securedsite.pem -pass pass:Geheim
07/14 12:59:18.85 [14030] 1+1: #PROXY REQUEST = GET https://securedsite/
HTTP/1.0^M
07/14 12:59:18.85 [14030] 1+1: #HT11 FORCE HTTP/1.1 or Connection:keep-alive
## SSLway[14031](client) C-S? 343/343 -> -1/SSL
07/14 12:59:18.85 [14030] 1+1: HTTP realy_response: EOF at start
07/14 12:59:18.85 [14030] 1+1: #HT11 EOF from the server
07/14 12:59:18.85 [14030] 1+1: #HT11 close svsokcs[17,18]
07/14 12:59:18.85 [14030] 1+1/1: HCKA:[1] closed -- ?
07/14 12:59:18.86 [14030] 1+1/1: disconnected [19]
-@[18.22.130.10]client:4370 (0.232s)(0)




  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V