Hi,

In message <_A3603@delegate-en.ML_> on 12/21/06(19:21:41)
you "Paul Beardsell" <pcmhabdyi-vaw4xsrkjqnw.ml@delegate.org> wrote:
|I was very pleased, therefore, to find your excellent utility.
|Unfortunately it does not perform quite as you describe at
|http://www.delegate.org/delegate/mitm/ - the MITM instructions. The
|logged SSL traffic is not decrypted.
|
|I am using DeleGate 9.3.1 on Ubuntu Linux (Edgy) and my command line is:
|
| $ delegated -v -P8080 STLS=mitm FSV=-tee-n-v
|
|Using that command and telling Firefox to use the proxy localhost:8080
|everything works perfectly on all the sites I have tried, HTTP and
|HTTPS. But the log has the encrypted traffic, not the decrypted
|traffic.

DeleGate does not do MITM for HTTP without "SERVER=http".

|I know your instructions say that I should be using the command line
|option SERVER=http but when I do then the browser sometimes hangs and,
|once again, the logged traffic is not decrypted.

I tested it with the following combination and it seems to work
without problem as the enclosed log shows.

  client: FF2.0
  DeleGate: delegated -P9999 SERVER=http STLS=mitm FTOSV=-tee-n
  server: https://www.delegate.org/delegate/mitm/

Cheers,
Yutaka
--
  9 9   Yutaka Sato <pfqcabdyi-vaw4xsrkjqnw.ml@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

12/22 05:01:51.74 [28283] 0+0: --INITIALIZATION START: 9.3.1 on Darwin/7.9.0--
12/22 05:01:51.74 [28283] 0+0: EXECDIR=/xxx/src
12/22 05:01:51.74 [28283] 0+0: BINSHELL=/bin/sh
12/22 05:01:51.75 [28283] 0+0: scan STLS and FILTERS before beDaemon()...
12/22 05:01:51.75 [28283] 0+0: STLS -> CMAP="--mitm,sslway:FSV:starttls"
12/22 05:01:51.75 [28283] 0+0: STLS -> CMAP="--mitm,sslway:FCL:starttls"
12/22 05:01:51.76 [28283] 0+0: --- [z] 0 dglibz.dylib
12/22 05:01:51.76 [28283] 0+0: --- [z] 0 libz.0.9.8.dylib
12/22 05:01:51.76 [28283] 0+0: --- [/usr/lib/libz.dylib]
12/22 05:01:51.77 [28283] 0+0: --- [z] 602170 /usr/lib/libz.dylib
12/22 05:01:51.77 [28283] 0+0: ---- [z] loaded 9 syms, unknown=0+0, already=0
12/22 05:01:51.77 [28283] 0+0: +++ loaded Zlib 1.1.4
12/22 05:01:51.77 [28283] 0+0: #### gzip/gunzip = dynamically linked
12/22 05:01:51.78 [28283] 0+0: --- [/xxx/delegate/etc/dglibssl.dylib]
12/22 05:01:51.78 [28283] 0+0: --- [ssl] 6021E0 /xxx/delegate/etc/dglibssl.dylib
12/22 05:01:51.79 [28283] 0+0: ---- [ssl] loaded 92 syms, unknown=0+0, already=0
12/22 05:01:51.79 [28283] 0+0: +++ loaded OpenSSL 0.9.8d 28 Sep 2006
**** SSL library (OpenSSL0.9.8d) is loaded successfully
12/22 05:01:51.81 [28283] 0+0: ## SSLway certfile not found or wrong: server-cert.pem [at /xxx/myhome/dist/common/work]
12/22 05:01:51.82 [28283] 0+0: ## SSLway keyfile not found or wrong: server-key.pem [at /xxx/myhome/dist/common/work]
12/22 05:01:51.82 [28283] 0+0: ## SSLway key does not match cert: server-key.pem server-cert.pem
12/22 05:01:51.82 [28283] 0+0: ## SSLway -- Using Default Certificate
12/22 05:01:51.82 [28283] 0+0: ## SSLway ## 0.028388 connected/accepted
12/22 05:01:51.83 [28283] 0+0: ## SSLway initialized ctx #0000000 0 X
12/22 05:01:51.84 [28283] 0+0: server_open(delegate,:9999,listen=20)
12/22 05:01:51.84 [28283] 0+0: server_open(delegate,:9999) BOUND
12/22 05:01:51.84 [28283] 0+0: DGROOT=/xxx/delegate^M
12/22 05:01:51.84 [28283] 0+0: <DeleGate/9.3.1> [28283] -P9999 READY^M
12/22 05:01:51.84 [28283] 0+0: PORT= 9999/10 (39,15)
12/22 05:01:51.86 [28283] 0+0: OWNER=nobody => OWNER=yutaka/staff(yutaka/staff)
12/22 05:01:51.86 [28283] 0+0: STLS -> CMAP="--mitm,sslway:FSV:starttls"
12/22 05:01:51.86 [28283] 0+0: STLS -> CMAP="--mitm,sslway:FCL:starttls"
12/22 05:01:51.86 [28283] 0+0: REMITTABLE = http,https/{80,443},gopher,ftp,wais
12/22 05:01:51.88 [28283] 0+0: ADMIN=ptarqbth4-vaw4xsrkjqnw.ml@delegate.org protocol=http(specialist)
12/22 05:01:52.17 [28283] 0+0: MOUNT[0]X[2] /-/builtin/icons/* = default
12/22 05:01:52.18 [28283] 0+0: MOUNT[1]X[3] /-/* = forbidden,from=!.RELIABLE,default
12/22 05:01:52.18 [28283] 0+0: MOUNT[2]X[0] /-* = default
12/22 05:01:52.18 [28283] 0+0: MOUNT[3]X[1] /=* = default
12/22 05:01:52.18 [28283] 0+0: MOUNT[4]=[4] /favicon.ico builtin:icons/ysato/default.ico default,direction=fo,onerror=404,expires=15m
12/22 05:01:52.18 [28283] 0+0: #### stack size limit = 800000 (000000X)
12/22 05:01:52.19 [28283] 0+0: Stay open PIDFILE for accept() lock[fd=14]
12/22 05:01:52.19 [28283] 0+0: StickyReport[15,16]127.0.0.1:1><127.0.0.1:1
12/22 05:01:52.19 [28283] 0+0: env[27] LIBPATH=.;/xxx/work;/xxx/delegate/lib;/xxx/src;/xxx/delegate/etc
12/22 05:01:52.19 [28283] 0+0: env[29] RESOLV=cache,file,dns
12/22 05:01:52.19 [28283] 0+0: arg[3] SERVER=http
12/22 05:01:52.20 [28283] 0+0: arg[4] ADMIN=ptarqbth4-vaw4xsrkjqnw.ml@delegate.org
12/22 05:01:52.20 [28283] 0+0: arg[5] STLS=mitm
12/22 05:01:52.20 [28283] 0+0: arg[6] FTOSV=-tee-n
12/22 05:01:52.22 [28283] 0+0: DELEGATE_Modified[0]: 458ae6db 1166730971
12/22 05:01:52.22 [28283] 0+0: --INITIALIZATION DONE: 9.3.1 on Darwin/7.9.0--
12/22 05:01:59.60 [28283] 1+0: default SCREEN=log:__screen
12/22 05:01:59.61 [28288] 1+0: -- Fork(SequentialServer): 28283 -> 28288
12/22 05:01:59.78 [28288] 1+1: (0) accepted [35] -@[127.0.0.1]localhost:50929 (0.171s)(1)
12/22 05:01:59.78 [28288] 1+1: # SSL record head[43 4F 4E 4E 45] SSL2 8?/850
**** a SSL packet from the client is detected then
**** MITM mode is activated here
12/22 05:01:59.93 [28288] 1+1: ConnectToServer: DFLT=https://www.delegate.org:443 REAL=://:0
12/22 05:01:59.94 [28288] 1+1: ConnectToServer connected [21] {210.155.199.28:443 <- 192.168.x.x:50930} [0.011s]
12/22 05:01:59.97 [28288] 1+1: willSTLS_SV: ServerFlags=40010
12/22 05:01:59.98 [28289] 1+1: -- Fork(FSV): 28288 -> 28289
12/22 05:01:59.98 [28289] 1+1: ## SSLway loadSession 0.000100 (0 0) / -1
12/22 05:01:59.99 [28288] 1+1: ## MITM: acting in Man-In-The-Middle Mode
12/22 05:01:59.99 [28290] 1+1: -- Fork(FTOSV): 28288 -> 28290
12/22 05:01:59.00 [28288] 1+1: # SSL record head[16 3 1 0 B0] SSL3 8?/181
12/22 05:02:00.00 [28291] 1+1: -- Fork(FCL): 28288 -> 28291
12/22 05:02:00.01 [28291] 1+1: ## SSLway loadSession 0.000113 (0 0) / -1
12/22 05:02:00.05 [28289] 1+1: ## SSLway ## 0.074371 connected/accepted
12/22 05:02:00.05 [28289] 1+1: ## SSLway server's cert. = **subject<</C=JP/ST=Ibaraki/L=Tsukuba/O=Electrotechnical Laboratory/OU=Computer Science Division/CN=Yutaka Sato/emailAddress=paeaabth4-vaw4xsrkjqnw.ml@delegate.org>> **issuer<</C=JP/ST=Ibaraki/L=Tsukuba/O=Electrotechnical Laboratory/OU=Computer Science Division/CN=Yutaka Sato/emailAddress=paeaabth4-vaw4xsrkjqnw.ml@delegate.org>>
12/22 05:02:00.06 [28288] 1+1: **** delayed detection of SSL
12/22 05:02:00.07 [28291] 1+1: ## SSLway ## 0.066288 sescache[1] HIT=0 sR=0 cR=1
12/22 05:02:00.08 [28288] 1+1: IGNORE request: Keep-Alive: 300^M
12/22 05:02:00.08 [28288] 1+1: Proxy: host=localhost; User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1; DIRECT
12/22 05:02:00.08 [28288] 1+1: HCKA:[0] keep-alive; host=localhost; (User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1)
12/22 05:02:00.08 [28288] 1+1: REQUEST - GET /delegate/mitm/ HTTP/1.1^M
12/22 05:02:00.09 [28288] 1+1: PATH> https://www.delegate.org:443!localhost:9999!localhost:50929!anonymous@localhost;1166731319
12/22 05:02:00.09 [28288] 1+1: REQUEST = [https://www.delegate.org:443/] GET /delegate/mitm/ HTTP/1.1^M
 1 GET /delegate/mitm/ HTTP/1.1
 2 Host: www.delegate.org
 3 User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1
 4 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
 5 Accept-Language: en-us,en;q=0.5
 6 Accept-Encoding: gzip
 7 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
 8 Cookie: DeleGate-Control-SVCC=UTF-8
 9 Via: 1.1 - (DeleGate/9.3.1 on Darwin/7.9.0)
10
12/22 05:02:00.67 [28288] 1+1: #HT11 SERVER ver[HTTP/1.1] conn[close]
12/22 05:02:00.67 [28288] 1+1: HTTP/1.1 200 Content-{Type:text/html Encoding:[gzip/] Leng:2632} Server:DeleGate
12/22 05:02:00.70 [28288] 1+1: ####Gunzip [0.001803] - => 6462
12/22 05:02:00.71 [28288] 1+1: Content-Length: 2632 -> 6774 (7034 - 260)
12/22 05:02:00.71 [28288] 1+1: HTTP transmitted: 237head+6462/2632body=>0txt+0bin->6774/6774, 16i/1o/0f/0.1
12/22 05:02:00.87 [28288] 1+1/1: CFI process [28289] done
12/22 05:02:00.98 [28288] 1+1/1: ClosedOnTimeout(0): time=1166731320/1166731349 ppid=28283/28283 pid=28288/28288
12/22 05:02:00.98 [28288] 1+1/1: IGNORE request: Keep-Alive: 300^M
12/22 05:02:00.98 [28288] 1+1/1: Proxy: host=localhost; User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1; DIRECT
12/22 05:02:00.98 [28288] 1+1/1: REQUEST - GET /favicon.ico HTTP/1.1^M
12/22 05:02:00.98 [28288] 1+1/1: PATH> https://www.delegate.org:443!localhost:9999!localhost:50929!anonymous@localhost;1166731319
12/22 05:02:00.98 [28288] 1+1/1: REQUEST = [https://www.delegate.org:443/] GET /favicon.ico HTTP/1.1^M
12/22 05:02:00.98 [28288] 1+1/1: ConnectToServer: DFLT=http://-:80 REAL=https://www.delegate.org:443
12/22 05:02:00.99 [28288] 1+1/1: ConnectToServer connected [10] {210.155.199.28:443 <- 192.168.x.x:50931} [0.004s]
12/22 05:02:01.02 [28293] 1+1/1: -- Fork(FSV): 28288 -> 28293
12/22 05:02:01.03 [28293] 1+1/1: ## SSLway loadSession 0.001257 (1 0) / 2
12/22 05:02:01.03 [28288] 1+1/1: willSTLS_SV: ServerFlags=40330
12/22 05:02:01.04 [28294] 1+1/1: -- Fork(FTOSV): 28288 -> 28294
12/22 05:02:01.04 [28288] 1+1/1: HTTP => (www.delegate.org:443) GET /favicon.ico HTTP/1.1^M
 1 GET /favicon.ico HTTP/1.1
 2 Host: www.delegate.org
 3 User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1
 4 Accept: image/png,*/*;q=0.5
 5 Accept-Language: en-us,en;q=0.5
 6 Accept-Encoding: gzip
 7 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
 8 Cookie: DeleGate-Control-SVCC=UTF-8
 9 Via: 1.1 - (DeleGate/9.3.1 on Darwin/7.9.0)
10
12/22 05:02:01.06 [28293] 1+1/1: ## SSLway ## 0.039196 sescache[2] HIT=1 sR=0 cR=0
12/22 05:02:01.06 [28293] 1+1/1: ## SSLway server's cert. = **subject<</C=JP/ST=Ibaraki/L=Tsukuba/O=Electrotechnical Laboratory/OU=Computer Science Division/CN=Yutaka Sato/emailAddress=paeaabth4-vaw4xsrkjqnw.ml@delegate.org>> **issuer<</C=JP/ST=Ibaraki/L=Tsukuba/O=Electrotechnical Laboratory/OU=Computer Science Division/CN=Yutaka Sato/emailAddress=paeaabth4-vaw4xsrkjqnw.ml@delegate.org>>
12/22 05:02:01.12 [28288] 1+1/1: #HT11 SERVER ver[HTTP/1.1] conn[keep-alive, timeout=50, maxreq=60]
12/22 05:02:01.12 [28288] 1+1/1: #HT11 server KEEP-ALIVE
12/22 05:02:01.12 [28288] 1+1/1: HTTP/1.1 200 Content-{Type:image/x-icon Encoding:[/] Leng:1406} Server:DeleGate/9.4.2-pre1
12/22 05:02:01.12 [28288] 1+1/1: detach respBuff: non-text data, non keep-alive
12/22 05:02:01.17 [28288] 1+1/1: ## premature client close: flush_body (cant_getpeername)
12/22 05:02:01.17 [28288] 1+1/1: ClientEOF: flush_body
12/22 05:02:01.17 [28288] 1+1/1: HTTP transmitted: 370head+1406/1406body=>0txt+0bin->1406/1406, 12i/2o/0f/0.1
12/22 05:02:01.17 [28288] 1+1/1: HCKA:[1] closed -- p:premature client EOF (flush_body)
12/22 05:02:01.18 [28288] 1+1/1: WaitShutdown 1/0 xpid=28294 errno=0/10 0 19 0 0.000
12/22 05:02:01.18 [28288] 1+1/1: disconnected [35] -@[127.0.0.1]localhost:50929 (1.575s)(0)
12/22 05:02:01.18 [28288] 1+1/1: CFI process [28293] done (1/3 AFT-0)
12/22 05:02:01.18 [28288] 1+1/1: CFI process [28291] done (2/3 AFT-0)
12/22 05:02:01.18 [28288] 1+1/1: CFI process [28290] done (3/3 AFT-0)
12/22 05:02:01.19 [28288] 1+1: StickyServer done [serverSocketClosed] 1 req / 1 conn / 2 sec
12/22 05:02:11.79 [28283] 1+0: DeleGate SERVER EXITS: caught SIGINT [2]
12/22 05:02:11.79 [28283] 1+0: Killpg(28283,15)
12/22 05:02:11.81 [28283] 1+0: RUSAGE: 0.10u 0.23s 34S 62R 0r 0t 0d 0k 0e 0f 0w 0i 28o 1g 51x 0y
12/22 05:02:11.81 [28283] 1+0: FINISH.
----
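
An added example, not part of the original message and not DeleGate code: a small Python check for a log of this shape that decodes the `SSL record head[...]` bytes and reports, per worker process, whether the MITM marker and plaintext `REQUEST = [https://...]` entries appear, which is what distinguishes a working `SERVER=http STLS=mitm` setup from one that only logs ciphertext. The line patterns are assumptions inferred from the log above, and the sample lines are copied from it.

```python
import re

# Constructed sample: five lines copied from the log in this message.
SAMPLE_LOG = """\
12/22 05:01:59.78 [28288] 1+1: # SSL record head[43 4F 4E 4E 45] SSL2 8?/850
12/22 05:01:59.99 [28288] 1+1: ## MITM: acting in Man-In-The-Middle Mode
12/22 05:01:59.00 [28288] 1+1: # SSL record head[16 3 1 0 B0] SSL3 8?/181
12/22 05:02:00.09 [28288] 1+1: REQUEST = [https://www.delegate.org:443/] GET /delegate/mitm/ HTTP/1.1^M
12/22 05:02:00.98 [28288] 1+1/1: REQUEST = [https://www.delegate.org:443/] GET /favicon.ico HTTP/1.1^M
"""

# Assumed layout, inferred from the log: "MM/DD HH:MM:SS.cc [pid] seq: message"
LINE = re.compile(r"^\d\d/\d\d \d\d:\d\d:\d\d\.\d\d \[(\d+)\] \S+: (.*)$")
HEAD = re.compile(r"SSL record head\[([0-9A-Fa-f ]+)\]")
REQ = re.compile(r"^REQUEST = \[(https://[^\]]+)\] (\S+) (\S+)")

def describe_head(hex_bytes):
    """Interpret the five bytes printed in an 'SSL record head[...]' entry."""
    b = bytes(int(x, 16) for x in hex_bytes.split())
    if len(b) == 5 and b[0] in (20, 21, 22, 23) and b[1] == 3:
        # SSL3/TLS record header: content type, major, minor, 16-bit length
        return "tls-record type=%d version=3.%d length=%d" % (
            b[0], b[2], int.from_bytes(b[3:5], "big"))
    if b and all(0x20 <= c < 0x7F for c in b):
        # Printable ASCII, e.g. the start of an HTTP CONNECT sent to the proxy
        return "plaintext %r" % b.decode("ascii")
    return "unknown"

def summarize(log_text):
    """Per worker pid: record heads seen, MITM marker, decrypted HTTPS requests."""
    out = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # request dumps and '****' annotations carry no timestamp
        pid, msg = int(m.group(1)), m.group(2)
        s = out.setdefault(pid, {"heads": [], "mitm": False, "requests": []})
        h = HEAD.search(msg)
        if h:
            s["heads"].append(describe_head(h.group(1)))
        elif "## MITM: acting in Man-In-The-Middle Mode" in msg:
            s["mitm"] = True
        else:
            r = REQ.match(msg)
            if r:  # a readable request line for an https:// target
                s["requests"].append((r.group(2), r.group(1).rstrip("/") + r.group(3)))
    return out
```

A worker whose summary has `mitm` set but an empty `requests` list, or no `mitm` entry at all, matches the symptom described in the quoted report.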