First, Ox, thank you for everything!
My Context:
My littleshoot instance, in this example, is: my.poxy.api.foo
My actual api instance is: my.source.api.foo
Thanks to this topic, I am able to get my HTTP proxy to work correctly:
... returns the data from my own API, just as if I queried
Here is my server bootstrap:
    HttpProxyServer server =
        DefaultHttpProxyServer.bootstrap()
            .withPort(8000)
            .withChainProxyManager(new ChainedProxyManager() {
                @Override
                public void lookupChainedProxies(HttpRequest httpRequest,
                                                 Queue<ChainedProxy> chainedProxies) {}
            })
            .withManInTheMiddle(new SelfSignedMitmManager())
            .withFiltersSource(filtersSource)
            .start();
Additionally, I have this code for a 'dumb' health check:
    private static final String SOURCE_API_HOST = "my.poxy.api.foo";

    public HttpResponse requestPre(HttpObject httpObject) {
        if (httpObject instanceof HttpRequest) {
            HttpRequest httpRequest = (HttpRequest) httpObject;
            log.info("requestPre: " + httpRequest.getUri());
            if (httpRequest.getUri().equals("/health") && httpRequest.getMethod().equals(HttpMethod.GET)) {
                // Answer the health check directly from the proxy.
                return handleHealth();
            } else if (httpRequest.getUri().equals("/test") && httpRequest.getMethod().equals(HttpMethod.GET)) {
                // Rewrite the Host header and let the request continue upstream.
                httpRequest.headers().set("Host", SOURCE_API_HOST);
                return null;
            }
        }
        // Returning null lets the proxy forward the request unchanged.
        return null;
    }

    private HttpResponse handleHealth() {
        String response = "{\n \"message\": \"OK\",\n \"http_status_code\": 200\n}\n";
        return handleText(response);
    }
{message: "OK",
http_status_code: 200
}
My Problem
I want to do the same thing for HTTPS:
1)
When I enter:
I want it to return the data from my own API, just as if I queried:
2)
Additionally, I want the proxy to also return "OK" for my health check:
Unfortunately, in both calls, my proxy server 'hangs.' That is: the debug log says that there is a connection from my browser, but the browser times out, as if there is no TLS session started.
Troubleshooting steps:
I originally thought that I needed to add
    .withSslEngineSource(new SelfSignedSslEngineSource(true))
... which did have the TLS start on the connection; however, I continually see this stack trace in my log (when I am curling locally, in this case, but the same error arrives in the general case, from a foreign client):
12:01:17,308 [DEBUG] (LittleProxy-ClientToProxyWorker-0) org.littleshoot.proxy.impl.ClientToProxyConnection - (AWAITING_INITIAL): Enabling encryption of traffic from client to proxy
12:01:17,308 [DEBUG] (LittleProxy-ClientToProxyWorker-1) org.littleshoot.proxy.impl.ClientToProxyConnection - (AWAITING_INITIAL): Enabling encryption of traffic from client to proxy
12:01:17,312 [DEBUG] (LittleProxy-ClientToProxyWorker-0) org.littleshoot.proxy.impl.ClientToProxyConnection - (AWAITING_INITIAL): Enabling encryption with SSLEngine: 5f1c73cc[SSLEngine[hostname=null port=-1] SSL_NULL_WITH_NULL_NULL]
12:01:17,312 [DEBUG] (LittleProxy-ClientToProxyWorker-1) org.littleshoot.proxy.impl.ClientToProxyConnection - (AWAITING_INITIAL): Enabling encryption with SSLEngine: 44f686dc[SSLEngine[hostname=null port=-1] SSL_NULL_WITH_NULL_NULL]
12:01:17,322 [DEBUG] (LittleProxy-ClientToProxyWorker-0) org.littleshoot.proxy.impl.ClientToProxyConnection - (AWAITING_INITIAL): Created ClientToProxyConnection
12:01:17,322 [DEBUG] (LittleProxy-ClientToProxyWorker-1) org.littleshoot.proxy.impl.ClientToProxyConnection - (AWAITING_INITIAL): Created ClientToProxyConnection
12:01:17,322 [DEBUG] (LittleProxy-ClientToProxyWorker-0) org.littleshoot.proxy.impl.ClientToProxyConnection - (AWAITING_INITIAL) [id: 0x089927d0, /127.0.0.1:64860 => /127.0.0.1:8000]: Connected
12:01:17,322 [DEBUG] (LittleProxy-ClientToProxyWorker-1) org.littleshoot.proxy.impl.ClientToProxyConnection - (AWAITING_INITIAL) [id: 0xe5916223, /127.0.0.1:64861 => /127.0.0.1:8000]: Connected
12:01:17,418 [ERROR] (LittleProxy-ClientToProxyWorker-1) org.littleshoot.proxy.impl.ClientToProxyConnection - (AWAITING_INITIAL) [id: 0xe5916223, /127.0.0.1:64861 => /127.0.0.1:8000]: Caught an exception on ClientToProxyConnection
io.netty.handler.codec.DecoderException: java.lang.RuntimeException: Delegated task threw Exception/Error
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:257)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:139)
at io.netty.channel.DefaultChannelHandlerContext.invokeChannelRead(DefaultChannelHandlerContext.java:338)
at io.netty.channel.DefaultChannelHandlerContext.fireChannelRead(DefaultChannelHandlerContext.java:324)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:785)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:126)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:485)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:452)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:346)
at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:101)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.RuntimeException: Delegated task threw Exception/Error
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1287)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:513)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:790)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:937)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:881)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:837)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:226)
... 10 more
Caused by: java.lang.NullPointerException
at sun.security.ssl.HandshakeMessage$CertificateRequest.<init>(HandshakeMessage.java:1281)
at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:841)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:167)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:808)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:806)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1227)
at io.netty.util.concurrent.ImmediateExecutor.execute(ImmediateExecutor.java:35)
at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:963)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:901)
... 12 more
Is Littleshoot even able to do what I am asking of it?
If so, what am I missing?
Thank you, sincerely, for your time.
-CH