带有 Boost::Beast 的 SSL 隧道 [英] SSL tunnel with Boost::Beast
问题描述
我想连接到只允许 HTTP 连接的代理服务器,通过 HTTPS 与目标服务器通话.
I want to connect to a proxy server that only allows HTTP connections, to speak with the target server by HTTPS.
代理服务器文档指出,唯一的方法是通过 HTTP Connect 动词(他们计划将直接 HTTPS 连接添加到代理服务器本身,但目前只允许 HTTP 连接).
The proxy server documentation states that the only way to do that is by means of the HTTP Connect verb (they are planning to add direct HTTPS connections to the proxy server itself, but for the moment only HTTP connections are allowed).
在我的 C++ 程序中,我在几个月内使用 ssl_stream
成功连接并与目标服务器一起工作,使用 boost::asio
而没有 boost::beast
,但我现在想使用 boost::beast
的代理来简化事情;所以,我现在如何使用 boost::asio,但我是 boost::beast
新手(我也不完全了解 SSL 的工作原理).
In my C++ program, I successfully connected and worked with the target server using ssl_stream
's during a couple of months, using boost::asio
without boost::beast
, but I want now to use a proxy using boost::beast
to make things easier; so, I now how to work with boost::asio but I'm a boost::beast
newbie (and I don't fully understand how SSL works either).
我的理解是,当您使用 ssl_stream
时,您对整个通信进行了加密,但是,我现在需要的是在 CONNECT HTTP 正文中插入加密消息,并且我不知道该怎么做.
The think is that, in my understanding, when you use a ssl_stream
, you encript the whole communication, however, what I need now is to insert the encrypted message within the CONNECT HTTP body, and I don't know how to do that.
我听说这与 lowest_layer
/next_layer
事情有关,但我不确定.
I've readed that this has something to do with the lowest_layer
/next_layer
thing but I'm not sure.
有人能提供一个与代理服务器完全读/写连接的例子吗?或至少进一步澄清?
Could anybody provide an example of a full read/write connection with a proxy-server? or at least further clarifications?
推荐答案
为连接声明一个变量(
ioc
是io_context
)
boost::asio::ssl::stream
使用 Beast 构建 CONNECT HTTP 请求消息 (req
)
Build a CONNECT HTTP request message (req
) using Beast
以纯文本形式向代理发送请求(注意next_layer()
)
Send the request to the proxy in plain-text (note next_layer()
)
boost::beast::http::write(stream.next_layer(), req);
从代理读取 HTTP 响应
Read the HTTP response from the proxy
现在执行 SSL 握手:
Now perform the SSL handshake:
stream.handshake(boost::asio::ssl::stream_base::client);
此时您可以像往常一样使用 Beast 将 HTTP 请求写入 stream
并从 stream
读取 HTTP 响应(不要使用 next_layer()
再次).
At this point you can write HTTP requests to stream
and read HTTP responses from stream
using Beast as normal (do not use next_layer()
again).
这篇关于带有 Boost::Beast 的 SSL 隧道的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!