[stunnel-users] Adding custom HTTP headers to a proxy'ed HTTP request when stunnel is used as an endpoint for a HTTP proxy
tony.cheneau at ssi.gouv.fr
Sun Sep 2 23:18:36 CEST 2018
Good evening folks,
Michal was kind enough to review and rewrite/integrate one of my patches
for logging session IDs  and post the remaining ones on the website !
So, I feel I should also contribute to this list a little program I
wrote. It is meant to be used with the exec= directive. It is mostly
useful when stunnel is used to secure a connexion between a client and a
HTTP proxy. A stunnel instance can run locally on the client while a
stunnel server runs on the HTTP proxy:
HTTP client (proxy'ed) <- > stunnel client <--> stunnel server <-> HTTP
Here, the "exec=" program will run on the stunnel server and add some
extra headers to each HTTP request. One of this headers is the client's
Distinguished Name (from its X.509 certificate). The HTTP proxy (squid
for example) can then make some decision based on this HTTP header
It relies heavily on PicoHTTPParser.
: to appear in version 5.49, see
: patches 0002 and 0003 on https://www.stunnel.org/patches.html
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 14531 bytes
Desc: not available
More information about the stunnel-users