Question

我正在尝试使用套接字通过代理连接到HTTPS服务器。据我所知，在使用HTTP代理时，应该将套接字连接到它，然后与它进行交互，因为它是真正的服务器。使用HTTP这种方法可行，但HTTPS不是。为什么呢？

这是连接到HTTPS服务器的简单程序

using System;
using System.Text;
using System.Net.Sockets;
using System.Net.Security;

namespace SslTcpClient
{
    public class SslTcpClient
    {
        public static void Main(string[] args)
        {
            string host = "encrypted.google.com";
            string proxy = "127.0.0.1";//host;
            int proxyPort = 8888;//443;

            // Connect socket
            TcpClient client = new TcpClient(proxy, proxyPort);

            // Wrap in SSL stream
            SslStream sslStream = new SslStream(client.GetStream());
            sslStream.AuthenticateAsClient(host);

            // Send request
            byte[] request = Encoding.UTF8.GetBytes(String.Format("GET https://{0}/  HTTP/1.1\r\nHost: {0}\r\n\r\n", host));
            sslStream.Write(request);
            sslStream.Flush();

            // Read response
            byte[] buffer = new byte[2048];
            int bytes;
            do
            {
                bytes = sslStream.Read(buffer, 0, buffer.Length);
                Console.Write(Encoding.UTF8.GetString(buffer, 0, bytes));
            } while (bytes != 0);

            client.Close();
            Console.ReadKey();
        }
    }
}

在proxy = host和proxyPort = 443时成功连接。但是当我将它们设置为127.0.0.1:8888（localhost上的fiddler代理）时，它不起作用。程序挂起sslStream.AuthenticateAsClient(host);为什么？ Fiddler支持HTTPS（浏览器可以通过它连接）。

P.S。不，我不能在我的案例中使用HttpWebRequest。

Answer 1

管理自己解决它。这是解决方案：

using System;
using System.Text;
using System.Net.Sockets;
using System.Net.Security;

namespace SslTcpClient
{
    public class SslTcpClient
    {
        public static void Main(string[] args)
        {
            string host = "encrypted.google.com";
            string proxy = "127.0.0.1";//host;
            int proxyPort = 8888;//443;

            byte[] buffer = new byte[2048];
            int bytes;

            // Connect socket
            TcpClient client = new TcpClient(proxy, proxyPort);
            NetworkStream stream = client.GetStream();

            // Establish Tcp tunnel
            byte[] tunnelRequest = Encoding.UTF8.GetBytes(String.Format("CONNECT {0}:443  HTTP/1.1\r\nHost: {0}\r\n\r\n", host));
            stream.Write(tunnelRequest , 0, tunnelRequest.Length);
            stream.Flush();

            // Read response to CONNECT request
            // There should be loop that reads multiple packets
            bytes = stream.Read(buffer, 0, buffer.Length);
            Console.Write(Encoding.UTF8.GetString(buffer, 0, bytes));

            // Wrap in SSL stream
            SslStream sslStream = new SslStream(stream);
            sslStream.AuthenticateAsClient(host);

            // Send request
            byte[] request = Encoding.UTF8.GetBytes(String.Format("GET https://{0}/  HTTP/1.1\r\nHost: {0}\r\n\r\n", host));
            sslStream.Write(request, 0, request.Length);
            sslStream.Flush();

            // Read response
            do
            {
                bytes = sslStream.Read(buffer, 0, buffer.Length);
                Console.Write(Encoding.UTF8.GetString(buffer, 0, bytes));
            } while (bytes != 0);

            client.Close();
            Console.ReadKey();
        }
    }
}

如何连接到HTTPS代理？

1 个答案: