Re: about event hooks for https messages

Wed, 04 Mar 2015 08:09:09 -0800 

> On Mar 4, 2015, at 7:15 AM, 毅程 <[email protected]> wrote:
> 
> Hi:
> 
> Let me attach 
> 1. simple test plugin:testplugin.c
> 2. client side test script:ProxyTest.java

The java.net.Proxy class is encapsulating explicit HTTP proxy configurations. I 
would bet that for https URLs, it is issuing a CONNECT request to the proxy. 
Once that happens, the proxy can never see the contents of the encrypted 
channel. Check the method on TS_EVENT_HTTP_READ_REQUEST_HDR, see if it is 
CONNECT.

> 3. the output: log.txt
> 
> From these, we can see
> when I send 2 http requests: (http://www.ebay.com/), all the triggers are 
> invoked for each request, so the sequence is following:
> 60011- TS_EVENT_HTTP_TXN_START
> 60002- TS_EVENT_HTTP_READ_REQUEST_HDR
> 60004- TS_EVENT_HTTP_SEND_REQUEST_HDR
> 60006- TS_EVENT_HTTP_READ_RESPONSE_HDR
> 60007- TS_EVENT_HTTP_SEND_RESPONSE_HDR
> 60012- TS_EVENT_HTTP_TXN_CLOSE: here we have the clientRspBodyBytes: 160167
> 
> 60011- TS_EVENT_HTTP_TXN_START
> 60002- TS_EVENT_HTTP_READ_REQUEST_HDR
> 60004- TS_EVENT_HTTP_SEND_REQUEST_HDR
> 60006- TS_EVENT_HTTP_READ_RESPONSE_HDR
> 60007- TS_EVENT_HTTP_SEND_RESPONSE_HDR
> 60012- TS_EVENT_HTTP_TXN_CLOSE: here we have the clientRspBodyBytes: 160167
> 
> when I send 2 https requests: (https://www.yahoo.com/), I got only following:
> 
> 60011- TS_EVENT_HTTP_TXN_START
> 60002- TS_EVENT_HTTP_READ_REQUEST_HDR
> 60012- TS_EVENT_HTTP_TXN_CLOSE: here we have the clientRspBodyBytes: 680190 
> (this contains the size of 2 responses)
> 
> 
> What I expected is I can get the same/similar hook callback for https.
> Please review the test plugin code, client and log, if this is a problem, 
> shall I open a jira for this?
> 
> Cheng Yi
> 
> 
> 2015-03-04 6:27 GMT-08:00 Alan Carroll <[email protected]>:
> To emphasize James' point, there is no HTTPS engine, there is only the HTTP 
> state machine. HTTPS simply has a different encoding on the wire, the 
> internals as far as ATS is concerned are identical and handled by the same 
> code.
> 
> What I would suspect is that his HTTPS connections are being blinded 
> tunneled, not terminated, on ATS.
> 
> 
> 

—traces for 2 http request
[Mar  4 07:09:06.534] Server {0x751d000} DIAG: (atstest) at event:60011, 
clientReqHdrBytes:0, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:0, serverReqBdyBytes:0, 
serverRspHdrBytes:0, serverRspBdyBytes:0
[Mar  4 07:09:06.536] Server {0x751d000} DIAG: (atstest) at event:60002, 
clientReqHdrBytes:176, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:0, serverReqBdyBytes:0, 
serverRspHdrBytes:0, serverRspBdyBytes:0
[Mar  4 07:09:06.717] Server {0x751d000} DIAG: (atstest) at event:60004, 
clientReqHdrBytes:176, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:0, serverReqBdyBytes:0, 
serverRspHdrBytes:0, serverRspBdyBytes:0
[Mar  4 07:09:07.137] Server {0x751d000} DIAG: (atstest) at event:60006, 
clientReqHdrBytes:176, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:243, serverReqBdyBytes:0, 
serverRspHdrBytes:917, serverRspBdyBytes:0
[Mar  4 07:09:07.138] Server {0x751d000} DIAG: (atstest) at event:60007, 
clientReqHdrBytes:176, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:243, serverReqBdyBytes:0, 
serverRspHdrBytes:917, serverRspBdyBytes:0
[Mar  4 07:09:07.551] Server {0x751d000} DIAG: (atstest) at event:60012, 
clientReqHdrBytes:176, clientReqBdyBytes:0, clientRspHdrBytes:947, 
clientRspBdyBytes:160161,             serverReqHdrBytes:243, 
serverReqBdyBytes:0, serverRspHdrBytes:917, serverRspBdyBytes:160161
[Mar  4 07:09:07.559] Server {0x751d000} DIAG: (atstest) at event:60011, 
clientReqHdrBytes:0, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:0, serverReqBdyBytes:0, 
serverRspHdrBytes:0, serverRspBdyBytes:0
[Mar  4 07:09:07.559] Server {0x751d000} DIAG: (atstest) at event:60002, 
clientReqHdrBytes:176, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:0, serverReqBdyBytes:0, 
serverRspHdrBytes:0, serverRspBdyBytes:0
[Mar  4 07:09:07.560] Server {0x751d000} DIAG: (atstest) at event:60004, 
clientReqHdrBytes:176, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:0, serverReqBdyBytes:0, 
serverRspHdrBytes:0, serverRspBdyBytes:0
[Mar  4 07:09:07.848] Server {0x751d000} DIAG: (atstest) at event:60006, 
clientReqHdrBytes:176, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:243, serverReqBdyBytes:0, 
serverRspHdrBytes:915, serverRspBdyBytes:0
[Mar  4 07:09:07.848] Server {0x751d000} DIAG: (atstest) at event:60007, 
clientReqHdrBytes:176, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:243, serverReqBdyBytes:0, 
serverRspHdrBytes:915, serverRspBdyBytes:0
[Mar  4 07:09:09.333] Server {0x751d000} DIAG: (atstest) at event:60012, 
clientReqHdrBytes:176, clientReqBdyBytes:0, clientRspHdrBytes:945, 
clientRspBdyBytes:160189,             serverReqHdrBytes:243, 
serverReqBdyBytes:0, serverRspHdrBytes:915, serverRspBdyBytes:160189


—traces for 2 https request
[Mar  4 07:09:15.000] Server {0x7826000} DIAG: (atstest) at event:60011, 
clientReqHdrBytes:0, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:0, serverReqBdyBytes:0, 
serverRspHdrBytes:0, serverRspBdyBytes:0
[Mar  4 07:09:15.000] Server {0x7826000} DIAG: (atstest) at event:60002, 
clientReqHdrBytes:178, clientReqBdyBytes:0, clientRspHdrBytes:0, 
clientRspBdyBytes:0,             serverReqHdrBytes:0, serverReqBdyBytes:0, 
serverRspHdrBytes:0, serverRspBdyBytes:0
[Mar  4 07:09:18.035] Server {0x7826000} DIAG: (atstest) at event:60012, 
clientReqHdrBytes:178, clientReqBdyBytes:652, clientRspHdrBytes:100, 
clientRspBdyBytes:680290,             serverReqHdrBytes:0, 
serverReqBdyBytes:652, serverRspHdrBytes:0, serverRspBdyBytes:680190


#include <stdio.h>
#include <string.h>

#include <unistd.h>

#include "ts/ts.h"

const char* DEBUG_NAME="atstest";

void debugBytes(TSHttpTxn txnp, int event){
    long clientReqHdrBytes = TSHttpTxnClientReqHdrBytesGet(txnp);
    long clientReqBdyBytes = TSHttpTxnClientReqBodyBytesGet(txnp);
    long clientRspHdrBytes = TSHttpTxnClientRespHdrBytesGet(txnp);
    long clientRspBdyBytes = TSHttpTxnClientRespBodyBytesGet(txnp);
    long serverReqHdrBytes = TSHttpTxnServerReqHdrBytesGet(txnp);
    long serverReqBdyBytes = TSHttpTxnServerReqBodyBytesGet(txnp);
    long serverRspHdrBytes = TSHttpTxnServerRespHdrBytesGet(txnp);
    long serverRspBdyBytes = TSHttpTxnServerRespBodyBytesGet(txnp);
    TSDebug(DEBUG_NAME, "at event:%d, clientReqHdrBytes:%ld, clientReqBdyBytes:%ld, clientRspHdrBytes:%ld, clientRspBdyBytes:%ld, \
            serverReqHdrBytes:%ld, serverReqBdyBytes:%ld, serverRspHdrBytes:%ld, serverRspBdyBytes:%ld",
            event, clientReqHdrBytes, clientReqBdyBytes, clientRspHdrBytes, clientRspBdyBytes,
            serverReqHdrBytes, serverReqBdyBytes, serverRspHdrBytes, serverRspBdyBytes);
}


static int tr_plugin(TSCont txn_contp, TSEvent event, void *edata)
{
    TSHttpTxn txnp = (TSHttpTxn) edata;
    
    debugBytes(txnp, event);
    switch (event) {
        case TS_EVENT_HTTP_READ_REQUEST_HDR:
			
			//will be removed, for analyzing
			//TSHttpTxnHookAdd(txnp, TS_HTTP_REQUEST_TRANSFORM_HOOK, txn_contp);
			//TSHttpTxnHookAdd(txnp, TS_HTTP_RESPONSE_TRANSFORM_HOOK, txn_contp);
			//TSHttpTxnHookAdd(txnp, TS_HTTP_RESPONSE_CLIENT_HOOK, txn_contp);
			TSHttpTxnHookAdd(txnp, TS_HTTP_SEND_REQUEST_HDR_HOOK, txn_contp);
			TSHttpTxnHookAdd(txnp, TS_HTTP_READ_RESPONSE_HDR_HOOK, txn_contp);
			TSHttpTxnHookAdd(txnp, TS_HTTP_SEND_RESPONSE_HDR_HOOK, txn_contp);
			
			TSHttpTxnReenable(txnp, TS_EVENT_HTTP_CONTINUE);
            return 0;
        case TS_EVENT_HTTP_TXN_CLOSE:
            TSContDestroy(txn_contp);
            TSHttpTxnReenable(txnp, TS_EVENT_HTTP_CONTINUE);
            return 0;
		default:
			//
			TSHttpTxnReenable(txnp, TS_EVENT_HTTP_CONTINUE);
			return 0;
			break;
    }
    
    return 0;
}

static int tr_global_plugin(TSCont contp, TSEvent event, void *edata){
    TSHttpTxn txnp = (TSHttpTxn) edata;
    TSCont txn_contp;
    
    switch (event) {
        case TS_EVENT_HTTP_TXN_START:
            /* Create a new continuation for this txn and associate data to it */
            txn_contp = TSContCreate(tr_plugin, TSMutexCreate());
            
            /* Registers locally to hook READ_REQUEST and TXN_CLOSE */
            TSHttpTxnHookAdd(txnp, TS_HTTP_READ_REQUEST_HDR_HOOK, txn_contp);
            TSHttpTxnHookAdd(txnp, TS_HTTP_TXN_CLOSE_HOOK, txn_contp);

            break;
            
		default:
            break;
    }
    
    TSHttpTxnReenable(txnp, TS_EVENT_HTTP_CONTINUE);
    return 1;
}


void TSPluginInit(int argc, const char *argv[])
{
    TSDebug(DEBUG_NAME, "Load ATS Test......\n");

    
    TSCont    cont = TSContCreate(tr_global_plugin, NULL);
    TSHttpHookAdd(TS_HTTP_TXN_START_HOOK, cont);
    
}

Attachment: ProxyTest.java
Description: Binary data

>

Reply via email to