Hello I am writing code for a proxy server using the asynchttpserver library and I want to implement ssl natively on the proxy server. I have already implemented the code for ssl but httpclients are giving errors when requesting using the proxy.
Here is an error given by a python script that uses the proxy for request
requests.exceptions.ConnectionError: ('Connection aborted.', BadStatusLine('\x16\x03\x01\x00ú\x01\x00\x00ö\x03\x03u?\x13±VMç):ì/j7Þ\x04\x12\x0c,\x9dk?9í\x1d\x10µÃEâJAÓ \x10\x00\x87\x94¯cüüºå©Ý¦jï\x87\x92\x00b\xa0\x9d\x8bâ\n'))
And here is an error given by a nim program that uses the proxy
/home/cnerd/test.nim(5) test
/home/cnerd/.choosenim/toolchains/nim-2.0.0/lib/pure/httpclient.nim(1224) getContent
/home/cnerd/.choosenim/toolchains/nim-2.0.0/lib/pure/httpclient.nim(1219) get
/home/cnerd/.choosenim/toolchains/nim-2.0.0/lib/pure/httpclient.nim(1146) request
/home/cnerd/.choosenim/toolchains/nim-2.0.0/lib/pure/httpclient.nim(1047) requestAux
/home/cnerd/.choosenim/toolchains/nim-2.0.0/lib/pure/httpclient.nim(964) newConnection
/home/cnerd/.choosenim/toolchains/nim-2.0.0/lib/pure/httpclient.nim(860) parseResponse
/home/cnerd/.choosenim/toolchains/nim-2.0.0/lib/pure/httpclient.nim(355) httpError
Error: unhandled exception: invalid http version, `Wߘf0!$n1EvQ" iͮYFZ` [ProtocolError]
and here is the nim code in the proxy that wraps the client socket from asynchttpserver request object
var req : Request = req
when not defined(disableSsl):
block sslContext:
withLock ctxLock:
{.cast(gcsafe).}:
ctx.wrapConnectedSocket(req.client, handshakeAsClient, req.hostname) ## TODO :: give proper hostname to wrapped socket
I also wrapped the asynchhttpserver socket just to be sure but no game.
when not defined(disableSsl):
block sslContext:
privateAccess(typeof(server)) ## allows access to private field of type AsyncHttpServer, socket
withLock ctxLock:
{.cast(gcsafe).}:
ctx.wrapSocket(server.socket)
info("initiated ssl support for proxy server")
I would really appreciate if any of the core devs could explain to me what I am doing wrong here. Also I know I can use nginx and co as reverse proxy but I still want to implement the ssl on the proxy server (someone has to test the unstable features).