I launched Delegate in detailed logging mode to check what was
happening, then launched Internet Explorer and tried to go to
www.about.com . Here is an extract of what I found in the log (I
removed the timestamp part to make it easier to read):
* HTTP Relay_request_head (26 bytes/2 lines)
* Proxy: host=localhost; User-Agent: ; DIRECT
* HTTP Relay_request done (26 bytes/2 lines)
* REQUEST - CONNECT www.about.com:80 HTTP/1.1^M
* ImMaster? 0
* To another server or proxy, THRU >>> www.about.com:80 HTTP/1.1^M
* REMOTE > CONNECT www.about.com:80 HTTP/1.1^M
* TMPFILE(regGetResolvConf) = (26) C:/Program
* *** gethostbyname(www.about.com): www.about.akadns.net / 0.01 secs.
* not PERMITTED_PAIR
* PERMITTED: https://www.about.com
* ClosedOnTimeout(0): time=1141824397/1141824427 ppid=3352/3352 pid=1544/1544
* StickyServer done [httpCONNECT] 2 req / 1 conn / 0 sec
* ====> NO CONNECT was specified for: www.about.com:localhost
* ConnectToServer connect https://www.about.com:80
The log shows "not PERMITTED_pair" when the connect request is sent
and then shows that Delegate transforms the request into https instead
of http, it seems.
Strangely enough, my config file has nearly no restrictions on that part:
Any ideas appreciated !
On 3/2/06, Yutaka Sato wrote:
> |Trouble is, I can't figure out how Delegate handles the HTTP 307 reply that
> |is issued by the transparent outbound proxy prior to authentication: my TCP
> DeleGate does nothing for 307 response message. Since DeleGate does not
> understand 307 code, it records the message header as "Error" in the
> LOGFILE. It relays the response message as is from the server to the
> client, without caching, closing the TCP connection.
> |listener indicates Delegate sends an RST-flagged TCP packet resetting the
> |connection, and the log indicates it tries to connect to
> |https://mydomain.com (instead of http://mydomain which was the initial
> |query). But it does not go to the (virtual) URL in the 307 response header.
> |I tried to unset the MYAUTH parameter incase it implied trying to connect
> |through SSL, but that didn't make any difference: Delegate still does not
> |connect to the 307 redirection URL.
> If your DeleGate tries to connect to https://..., then it is because
> your client requested to do so, possibly by automatic redirection
> indicated from the server-side. Inspecting the LOGFILE of DeleGate,
> recorded during the series of requests and responses, will show us
> what is happening.
> D G Yutaka Sato http://delegate.org/y.sato/
> ( - ) National Institute of Advanced Industrial Science and Technology
> _< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
> Do the more with the less -- B. Fuller