You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2007/05/18 01:06:28 UTC
DO NOT REPLY [Bug 29744] - CONNECT does not work over existing SSL connection
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=29744>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=29744
------- Additional Comments From parwy@parwy.com 2007-05-17 16:06 -------
Hi Julian, I was very excited about this patch as its exactly what I'm looking
for. I tried applying this patch to "proxytunnel 1.7.0 2007-02-25 11:46". On
executing ssh with something akin to:
proxytunnel -q -R -p proxy.local:8080 -r proxy.remote.org:443 -d ssh.remote.org:22
it CONNECTs through the first proxy, CONNECTs through the second proxy to
ssh.remote.org:22, however is immediately disconnected. When I look at
/var/log/secure all I see is a message like:
May 17 22:25:16 server1 sshd[31530]: Did not receive identification string from
127.0.0.1
for every connect attempt. Did you experience anything similar, any ideas?
I've tried testing with 2 proxies where the second proxy is running without SSL
(and so also without using the -R option) and everything works okay. Its only
when I make the second proxy use SSL and add the -R option that I get immediate
disconnect from the sshd daemon.
Regards
Parwy Sekhon
(In reply to comment #37)
> Created an attachment (id=19723)
--> (http://issues.apache.org/bugzilla/attachment.cgi?id=19723&action=view) [edit]
> Patch for proxytunnel 1.7.0 to have two proxies with second one SSL encrypted
>
> Thanks for this advice! Amusingly, I fixed the problem just yesterday: I used
> the SVN version of proxytunnel, patched so that I could do the following:
>
> putty -> proxytunnel -> local proxy (unencrypted) -> remote Apache HTTPS
> encrypted -> SSH
>
> (The firewall required the second CONNECT to be encrypted.) The patch is
> attached; it includes recent SVN fixes, as well as my patch to introduce -R,
> meaning encrypt from the second proxy. The command line will then read:
>
> proxytunnel -q -R -p proxy.local:8000 -r proxy.remote.org:443 -d
> ssh.remote.org:22
>
> I hope this is of help to others.
>
> Julian
(In reply to comment #37)
> Created an attachment (id=19723)
--> (http://issues.apache.org/bugzilla/attachment.cgi?id=19723&action=view) [edit]
> Patch for proxytunnel 1.7.0 to have two proxies with second one SSL encrypted
>
> Thanks for this advice! Amusingly, I fixed the problem just yesterday: I used
> the SVN version of proxytunnel, patched so that I could do the following:
>
> putty -> proxytunnel -> local proxy (unencrypted) -> remote Apache HTTPS
> encrypted -> SSH
>
> (The firewall required the second CONNECT to be encrypted.) The patch is
> attached; it includes recent SVN fixes, as well as my patch to introduce -R,
> meaning encrypt from the second proxy. The command line will then read:
>
> proxytunnel -q -R -p proxy.local:8000 -r proxy.remote.org:443 -d
> ssh.remote.org:22
>
> I hope this is of help to others.
>
> Julian
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org