Howdy all,
I've written myself a nice little web proxy which removes certain tags,
references to banner sites, pesky javascript features, and so
on from web pages that I download. I would like to extend it to do
the same thing for secure web pages. Basicly I want to decrypt the
SSL stream at the web proxy and modify it before I encrypt it again
and send it on to its final destination.
Currently for SSL connections my web proxy receives a cleartext URL
for where the brower wants to connect, then makes a connection to the
remote server, then passes packets back and forth between the client
and the remove server until either a read or write fails, in which case it
assumes that the conversation between the two servers is over
and it resets itself for the next connection.
With a setup like what I just described, would it be possible to add
extra steps where the proxy talks directly to both the client and the
remote server and can decrypt the data stream in between?
When replying, please keep in mind that I know very little about
cryptography, and I'm not familiar with the OpenSSL library beyond
what it would take to make a SSL aware telnet client and server with
no certificate checking.
If I can at least get it to the point where Netscape will let me click
through one of those nasty security dialog boxes and proceed with the
connection I'd be happy. I'd be more happy if I didn't have to click
through the dialog boses.
Thanks for your time,
Christopher
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
