Re: Apache 2.0, mod_perl filter question
Hello,
I am trying to filter DECRYPTED, PLAIN TEXT data. I
attached my two configuration files. If more
information needed i can send my logs.
Ideally I want to make a setup where
encryption/decryption being done twice in order to
filter DECRYPTED, PLAIN TEXT data(correct me if I am
wrong)
Like SSL-enabled browser - Proxy (SSL, Apache) -
Proxy (non SSL, Apache, here goes filtering) -
another Proxy ( SSL, Apache) - Server (SSL)
At this time i made some little perl script
and it works for GET, having some troubles with POST,
so if you are aware about this problem SSL + proxy +
POST, please let me know (sorry for offtopic)
#!/usr/bin/perl -w
use URI::URL;
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Request::Common;
use HTTP::Request::Form;
use HTML::TreeBuilder 3.0;
use HTTP::Cookies;
my $ua = LWP::UserAgent-new;
$ua-proxy('https','https://localhost');
my $url = url 'https://some.server.com:1200/';
my $cookie_jar = HTTP::Cookies-new();
my $res = $ua-request(GET $url);
my $tree = HTML::TreeBuilder-new;
$tree-parse($res-content);
$tree-eof();
my @forms = $tree-find_by_tag_name('FORM');
my $f = HTTP::Request::Form-new($forms[0], $url);
$f-field(nm, user);
$f-field(pwd, password);
my $response = $ua-request($f-press(submit));
$cookie_jar-extract_cookies($response);
$cookie_jar-save();
print $response-content if $response-is_success;
ie, non-SSL browser - proxy + mod_ssl + mod_perl
filter - server works for me for GET
If I do the same with IE, ie Tools-Internet
Options-Connections-Lan Settings-use a proxy server
and put here address of my apache server, I am getting
403 Forbidden.
I cannot explain this.
Any help, ideas, etc are highly appreciated.
Thanks,
Ilia
--- Stas Bekman [EMAIL PROTECTED] wrote:
Ilia Rassadzin wrote:
Hello mod_perl,
I have some problems with filtering HTTPS traffic.
I modified for my needs FilterSnoop module from
Stas
Bekman filter tutorial. It perfectly sees HTTP
data,
but not HTTPS.
Does anyone have any suggestions(ideas) about how
to
implement a filter which will see HTTPS?
Thanks in advance
I need more input from you. Are you trying to filter
an encrypted data stream?
mod_perl connection filters, happen after the
incoming data has been decrypted
and the outgoing data hasn't been yet encrypted.
__
Stas BekmanJAm_pH -- Just Another
mod_perl Hacker
http://stason.org/ mod_perl Guide ---
http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org
http://apacheweek.com
http://modperlbook.org http://apache.org
http://ticketmaster.com
--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info:
http://perl.apache.org/maillist/modperl.html
__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See URL:http://httpd.apache.org/docs-2.0/ for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with / (or drive:/ for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with /, the value of ServerRoot is prepended -- so logs/foo.log
# with ServerRoot set to /usr/local/apache2 will be interpreted by the
# server as /usr/local/apache2/logs/foo.log.
#
### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at URL:http://httpd.apache.org/docs-2.0/mod/mpm_common.html
Re: Apache 2.0, mod_perl filter question
Hello,
I am trying to use as a proxy Apache 2.0 which
includes mod_proxy and mod_ssl.
I am trying to use mod_perl for parsing/changing
decrypted plain text HTML data passed over SSL.
maybe there are other ways to do this, let me know.
The script shows that it is theoretically possibly to
parse/modify HTML passed over SSL in case of GET
(working on POST at this time) with a given setup:
SSL-unaware browser - mod_proxy+mod_ssl+mod_perl -
SSL server
this question should probably be like 'How to setup
Apache + mod_ssl + mod_proxy + mod_perl to make
filtering of plain HTML passed over SSL possible?'
minimal setup:
IfModule mod_proxy.c
PerlModule MyApache::FilterSnoop
Proxy *
PerlOutputFilterHandler
MyApache::FilterSnoop::connection
/Proxy
/IfModule
VirtualHost _default_:443
SSLEngine on
SSLProxyEngine on
SetHandler modperl
PerlOutputFilterHandler
MyApache::FilterSnoop::connection
AllowCONNECT 80 443 563 1200 1300
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile
/usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile
/usr/local/apache2/conf/ssl.key/server.key
CustomLog logs/ssl_request_log \
%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x
\%r\ %b
/VirtualHost
--- Stas Bekman [EMAIL PROTECTED] wrote:
Ilia Rassadzin wrote:
Hello,
I am trying to filter DECRYPTED, PLAIN TEXT data.
I
attached my two configuration files. If more
information needed i can send my logs.
Ideally I want to make a setup where
encryption/decryption being done twice in order to
filter DECRYPTED, PLAIN TEXT data(correct me if I
am
wrong)
Like SSL-enabled browser - Proxy (SSL, Apache)
-
Proxy (non SSL, Apache, here goes filtering) -
another Proxy ( SSL, Apache) - Server (SSL)
So you try to use mod_perl 2.0 as a proxy, which
decrypts the stream, does
something to it, encrypts it back and sends it
further? I'm not sure whether
this should work, aren't you suppose to somehow
reconstruct the keys in order
for this to work?
What would be the minimal setup to setup a test
environment?
At this time i made some little perl script
and it works for GET, having some troubles with
POST,
so if you are aware about this problem SSL + proxy
+
POST, please let me know (sorry for offtopic)
#!/usr/bin/perl -w
use URI::URL;
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Request::Common;
use HTTP::Request::Form;
use HTML::TreeBuilder 3.0;
use HTTP::Cookies;
my $ua = LWP::UserAgent-new;
$ua-proxy('https','https://localhost');
my $url = url 'https://some.server.com:1200/';
my $cookie_jar = HTTP::Cookies-new();
my $res = $ua-request(GET $url);
my $tree = HTML::TreeBuilder-new;
$tree-parse($res-content);
$tree-eof();
my @forms = $tree-find_by_tag_name('FORM');
my $f = HTTP::Request::Form-new($forms[0], $url);
$f-field(nm, user);
$f-field(pwd, password);
my $response = $ua-request($f-press(submit));
$cookie_jar-extract_cookies($response);
$cookie_jar-save();
print $response-content if $response-is_success;
ie, non-SSL browser - proxy + mod_ssl + mod_perl
filter - server works for me for GET
If I do the same with IE, ie Tools-Internet
Options-Connections-Lan Settings-use a proxy
server
and put here address of my apache server, I am
getting
403 Forbidden.
I cannot explain this.
Any help, ideas, etc are highly appreciated.
I'm not sure how this script helps to understand
your problem with filtering.
Neither a huge config file, most of it irrelevant to
the problem.
What we need is a set of short script/handlers and a
minimal config file with
which we can reproduce the problem.
Ideally, if you can submit patches to our test suite
to accomplish this setup
that would be the simplest. All we will have to do
is to make it working.
__
Stas BekmanJAm_pH -- Just Another
mod_perl Hacker
http://stason.org/ mod_perl Guide ---
http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org
http://apacheweek.com
http://modperlbook.org http://apache.org
http://ticketmaster.com
--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info:
http://perl.apache.org/maillist/modperl.html
__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
Apache 2.0, mod_perl filter question
Hello mod_perl, I have some problems with filtering HTTPS traffic. I modified for my needs FilterSnoop module from Stas Bekman filter tutorial. It perfectly sees HTTP data, but not HTTPS. Does anyone have any suggestions(ideas) about how to implement a filter which will see HTTPS? Thanks in advance Ilia __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
