1

I am using SSL tunneling with a proxy server to connect to a target server. I use http to connect to the proxy server and HTTPS to connect to the target server. The SSL tunneling works as it should and I can exchange HTTPS messages with the remote server, but there is a problem. The proxy server returns a header in its reply to urllib2's request to establish the SSL tunnel that I need to see, but I don't see a way to get access to it using urllib2 (Python 2.7.3).

I suppose I could theoretically implement the SSL tunneling handshake myself, but that would get me way deeper into the protocol than I want to be (or with which I feel comfortable).

Is there a way to get access to the reply using urllib2 when establishing the SSL tunnel?

UPDATE:

Here is the code that uses the proxy server to connect to the target server (the proxy server and the target server's URLs are not the actual ones):

proxy_handler = urllib2.ProxyHandler({'https': 'http://proxy.com'})
url_opener = urllib2.build_opener (proxy_handler)
request = urllib2.Request ('https://target_server.com/')
response = url_opener.open (request)
print response.headers.dict

I used WireShark to look at the message traffic. WireShark won't show me the bodies of the messages exchanged with the target server because they are encrypted, but I can see the body of the SSL Tunnel handshake. I can see the header that I'm interested coming back from the proxy server.

david193
  • 155
  • 1
  • 10
  • Do you mean you need headers from CONNECT request? It seems [`httplib` that `urlllib2` uses to make connections doesn't preserve the response headers for CONNECT request](http://hg.python.org/cpython/file/10314c9b7c5a/Lib/httplib.py#l735). – jfs Nov 21 '12 at 00:59
  • Yes, Sebastian. urllib2 sends a packet with this in the body: "CONNECT target_server.com:443 HTTP/1.1\r\n\r\n". The proxy server responds with a reply containing the header of interest. Then message traffic continues with, I believe, SSL authentication data. -- I am prepared to believe that the header is lost. It urllib2 doesn't provide an interface to retrieve that header, I'll have to come up with a workaround. – david193 Nov 21 '12 at 21:35

1 Answers1

0

How are you calling the https page.

are you using 

resp = urllib2.urlopen('https')
resp.info().headers
Ryan G
  • 9,184
  • 4
  • 27
  • 27
  • Ryan, I've updated my original post to show my code. response.info().headers is one of the variations I've tried to examine the headers. – david193 Nov 21 '12 at 21:37
  • Ok got it. I have to run for a bit, but could you try this: curr_headers = response.__dict__['headers'] curr_headers.items() To view the data gathered from the headers message in the response dictionary. I haven't tested yet, but off the top of my head before leaving, it seems plausible. – Ryan G Nov 21 '12 at 22:41