Method for realizing user-defined proxy tunnel protocol based on SNI mechanism of TLS protocol

A technique for implementing a user-defined proxy tunnel protocol based on the SNI mechanism of the TLS protocol. It addresses the problems that the ClientHello does not include the server domain name and that a server can provide only one website service, among others, and it resolves the problem of protocol complexity.

Active Publication Date: 2018-06-12
KOAL SOFTWARE CO LTD

AI Technical Summary

Problems solved by technology

[0005] The TLS protocol introduced the Server Name Indication (SNI) mechanism in 2006 to solve the following problem: the ClientHello request sent by the SSL client to the SSL server does not contain the domain name of the server. In this case, an SSL server can use only one site certificate and can provide only one website service to the outside world.
However, the standard ServerName value type is HostName, and by default multiple servers can be distinguished only by HostName.

Examples

Embodiment Construction

[0023] In order to make the technical means, creative features, goals and effects achieved by the present invention easy to understand, the present invention will be further described below in conjunction with specific illustrations.

[0024] HTTPS is based on the SSL/TLS protocol. The client must first establish a TCP connection with the proxy server and then initiate an SSL handshake with it; HTTP data requests can be sent only after the SSL handshake is completed. During this process, the SNI mechanism of the TLS protocol can be used by the SSL client to notify the proxy server of the real server address it ultimately wants to connect to.

[0025] Referring to Figure 2, the method of the present invention for realizing a user-defined proxy tunnel protocol based on the SNI mechanism of the TLS protocol comprises the following steps:

[0026] 1) The client initiates a handshake request to the proxy server. For example, the ClientHello message requires an S...


Abstract

The invention discloses a method for realizing a user-defined proxy tunnel protocol based on the SNI mechanism of the TLS protocol. The method comprises the following steps: 1) a client side sends a handshake request to a proxy server side to request an SSL handshake, and indicates a true server address and a protocol type through a server extension; 2) the proxy server side analyzes the server extension and detects the type of the analysis result; if the detected type meets the requirement, the connection between the proxy server side and the client side is marked, and the analysis result is stored; 3) the client side initiates an HTTP service request to the proxy server side; 4) the proxy server side detects whether the connection carrying the HTTP service request has a mark; if so, the proxy server side modifies the access target, splicing the analysis result with the currently requested path address to obtain the true service address. Based on the SNI mechanism of the TLS protocol, the method provided by the invention solves the problem of protocol complexity caused by the original user-defined tunnel protocol.
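The four steps of the abstract, sketched as an added example that is not code from the patent or its owner. It parses the raw `server_name` extension data (RFC 6066 layout) rather than using a TLS library; the custom name type value `0x80` and the `scheme://host:port` payload encoding are assumptions, since the page specifies neither.

```python
import struct
from urllib.parse import urlsplit

HOST_NAME = 0x00       # standard NameType defined by RFC 6066
TUNNEL_TARGET = 0x80   # hypothetical custom NameType; the page gives no value

def build_sni(entries):
    """Encode (name_type, bytes) pairs as a ServerNameList (step 1, client)."""
    body = b"".join(struct.pack("!BH", t, len(v)) + v for t, v in entries)
    return struct.pack("!H", len(body)) + body

def parse_sni(data):
    """Decode a ServerNameList into (name_type, bytes) pairs, checking lengths."""
    if len(data) < 2 or struct.unpack("!H", data[:2])[0] != len(data) - 2:
        raise ValueError("ServerNameList length mismatch")
    pos, out = 2, []
    while pos < len(data):
        if pos + 3 > len(data):
            raise ValueError("truncated ServerName header")
        name_type, length = struct.unpack("!BH", data[pos:pos + 3])
        pos += 3
        if pos + length > len(data):
            raise ValueError("ServerName overruns list")
        out.append((name_type, data[pos:pos + length]))
        pos += length
    return out

class ProxyConnection:
    def __init__(self):
        self.target = None  # stored analysis result; None means unmarked

    def on_client_hello(self, sni_data):
        """Step 2: mark the connection only if the custom type is present."""
        for name_type, value in parse_sni(sni_data):
            if name_type != TUNNEL_TARGET:
                continue  # ordinary HostName entry: leave connection unmarked
            url = urlsplit(value.decode("ascii"))  # assumed payload encoding
            if url.scheme not in ("http", "https") or not url.hostname or url.path:
                raise ValueError("malformed tunnel target")
            self.target = f"{url.scheme}://{url.netloc}"

    def real_address(self, request_path):
        """Step 4: splice the stored target with the requested path."""
        if self.target is None:
            return None  # unmarked connection: serve as a normal request
        if not request_path.startswith("/"):
            raise ValueError("path must start with '/'")  # e.g. "@host" would change authority
        return self.target + request_path

# Constructed sample: a standard HostName entry plus the custom tunnel entry.
SAMPLE = build_sni([(HOST_NAME, b"proxy.example"),
                    (TUNNEL_TARGET, b"https://backend.example:8443")])
```

The ClientHello is sent before encryption is established, so the target carried in this extension is readable by on-path observers. A proxy built this way should also check the parsed host against an allow-list before connecting to it.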

Description

Technical field

[0001] The invention relates to the technical field of network communication protocols, in particular to a method for realizing a user-defined proxy tunnel protocol based on the SNI mechanism of the TLS protocol.

Background technique

[0002] In the WEB world, proxy technology is widely used, and the forward proxy is one such technology. A forward proxy is a proxy server located between the client and the real server. To obtain content from the original server, the client sends a request to the proxy server and specifies the address of the real server; the proxy server then forwards the request to the real server and returns the response content to the client. However, using a forward proxy requires the client to explicitly set the proxy server address, which is inconvenient from the user's perspective.

[0003] The transparent forward proxy can solve the above problems. The transparent forward proxy can ob...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/08, H04L29/12
CPC: H04L61/2592, H04L67/02, H04L67/14, H04L67/146, H04L69/326, H04L67/56
Inventor: 贺红杰, 掌晓愚, 卫杰
Owner: KOAL SOFTWARE CO LTD