help with https connection through proxy with IIS

cguardia cguardia at aldeasystems.com
Wed Nov 27 01:28:34 EST 2002 

Hi,

I've run into an unsolvable (for me, that is) problem when trying to 
connect to a web server (Apache works fine, but it has to be IIS) through 
a proxy using the https protocol and certificates. Maybe someone on the 
list has experienced something similar and can shed some light for me.

I'm using python 2.2 with a patched httplib. Here is a small description 
of what I have tried so far:

1. My httplib is patched with patch no. 515003 ("Better documentation for 
the patched httplib.py"). I further modified the code, removing every 
line with "skip_host=...", since the library didn't seem to work with 
those lines in there.
2. I tried to connect to a web server through the Squid proxy using basic 
authentication. The server also requires a client certificate to allow 
the connection to take place.

I found that:

a. Using Apache, both GET and POST requests work perfectly.
b. When using IIS, neither of those request methods works. POST sends 
back a 200 status code, but with an empty response instead of OK, and no 
content. GET has exactly the same problem. Here is a POST example:

>>> 
conn=httplib.HTTPSProxyConnection("svrcvca:3128","dell-latitude",port=443,
....             key_file='ISS_Aut_Desarrollo_Dell-latitude.pem',
....             cert_file='ISS_Aut_Desarrollo_Dell-latitude.pem')
>>> conn.set_debuglevel(9)
>>> conn.connect()
connect: (svrcvca, 3128)
send: 'CONNECT dell-latitude:443 HTTP/1.1\r\n'
send: 'Host: dell-latitude:443\r\n'
send: 'Accept-Encoding: identity\r\n'
send: '\r\n'
reply: 'HTTP/1.0 200 Connection established\r\n'
Enter PEM pass phrase:
>>> conn.request("POST","/Scripts/PruebaISS.py",body,headers=headers)
send: 'POST /Scripts/PruebaISS.py HTTP/1.1\r\n'
send: 'Host: dell-latitude:443\r\n'
send: 'Accept-Encoding: identity\r\n'
send: 'Content-Length: 64\r\n'
send: 'Accept: text/plain,text/html\r\n'
send: 'Content-type: application/x-www-form-urlencoded\r\n'
send: 'AUTHORIZATION: Basic aXNhYWM6c2Fsc2Jlcmc=\r\n'
send: '\r\n'
send: 'sexo=X&email=3l+ded+yahoo&name=juancho+pere3z&checkboxito=nagual'
>>> resp=conn.getresponse()
reply: ''
>>> resp.status,resp.reason # Note the empty resp.reason
(200, '')
>>> data=resp.read() # Ya no se puede leer la respuesta
Traceback (most recent call last):
  File "<stdin>", line 1, in ?
  File "/usr/local/lib/python2.1/httplib.py", line 249, in read
    value = value + self._safe_read(chunk_left)
  File "/usr/local/lib/python2.1/httplib.py", line 317, in _safe_read
    chunk = self.fp.read(amt)
TypeError: an integer is required

3. If I don't request a client certificate, POST works, but GET doesn't 
(it keeps waiting forever for a response).

If anyone knows anything that can help me solve this problem I will 
really appreciate it. Thanks very much.

--
Carlos de la Guardia
Aldea Systems

More information about the Python-list mailing list