Need help here. I tried doing what you suggested, but it doesn't work for me at some point. The select call somewhy does not return anything and is always showing that both sockets are in "writable" state, but not in "readable". tcpdump, instead, shows some data coming from the client, but this select call does not see it. Here is a public gist.
https://gist.github.com/ikatson/5681365 (set this script as HTTPS proxy in firefox to test). I also replaced "server_fd.write" and "client_fd.write" calls with uwsgi.send/recv and socket.send/recv calls, cause fd's are integers. I tried os.write/os.read, but the result is the same. What am I doing wrong? Thanks! On Thu, May 30, 2013 at 12:27 PM, Roberto De Ioris <[email protected]> wrote: > > > Hi, Roberto and list readers, > > > > I have a need to implement SSL proxying via web proxy tunelling > ("CONNECT" > > method) http://en.wikipedia.org/wiki/HTTP_tunnel. > > I'm thinking if it's possible to do it inside the existing > > nginx-uwsgi-gevent-django application. > > > > The whole idea of it is a big hack, but I'm curious if it's at all > > possible. > > > > To implement it, one should relay all the trafic between the target > server > > and the client. > > Can I do it with uWSGI? > > > > Basically, I need something like a couple of threads or greenlets reading > > and writing to the raw socket when data is available on either end. > > > > Thanks for your reply. > > > > I do not see particular problems implementing it with uWSGI+gevent, but > you cannot use django for it (its view subsystem will make mess with > realtime sockets). > > basically you will end with something like: > > if environ['REQUEST_METHOD'] == 'CONNECT': > s = gevent.ssl.SSLSocket(..) > s.connect() > client_fd = uwsgi.connection_fd() > server_fd = s.fileno() > # wait for data on both end > ready = gevent.select.select([client_fd, server_fd], [], [], timeout) > ... > # if it is the client send data to the server > ... server_fd.write(client_fd.read(4096)) > # else... > ... client_fd.write(server_fd.read(4096) > > you need to add better check for non blocking writes, but generally this > is the approach i would follow > > > > -- > Roberto De Ioris > http://unbit.it > _______________________________________________ > uWSGI mailing list > [email protected] > http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi >
_______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
