
A method of implementing a custom proxy tunnel protocol based on the SNI mechanism of the TLS protocol

A custom tunnel protocol technology, applied in transmission systems, electrical components, etc., that can solve problems such as providing only one website service and not including the server domain name, and that resolves the problem of protocol complexity.

Active Publication Date: 2020-11-13
KOAL SOFTWARE CO LTD

AI Technical Summary

Problems solved by technology

[0005] The TLS protocol introduced the Server Name Indication (SNI) mechanism in 2006 to solve the following problem: the ClientHello request sent by the SSL client to the SSL server does not contain the domain name of the server. In this case, an SSL server can use only one site certificate and can provide only one website service to the outside world.
However, the standard ServerName value type is HostName, and by default multiple servers can only be distinguished based on HostName.



Examples


Embodiment Construction

[0023] In order to make the technical means, creative features, objectives and effects achieved by the present invention easy to understand, the present invention will be further described below in conjunction with specific illustrations.

[0024] HTTPS is based on the SSL/TLS protocol. It requires the client to establish a TCP connection with the proxy server, and then the client initiates an SSL handshake to the proxy server. HTTP data requests can only be sent after the SSL handshake is completed. During this process, the SNI mechanism of the TLS protocol can be used to let the SSL client notify the proxy server of the real server address to which it ultimately wants to connect.

[0025] Referring to Figure 2, the method of the present invention for implementing a custom proxy tunnel protocol based on the SNI mechanism of the TLS protocol comprises the following steps:

[0026] 1) The client initiates a handshake request to the proxy server. For example, the ClientHello message requires...


Abstract

The method disclosed by the present invention for implementing a custom proxy tunnel protocol based on the SNI mechanism of the TLS protocol includes the following steps: 1) the client sends a handshake request to the proxy server to request an SSL handshake, and specifies the real server address and protocol type through the server extension; 2) the proxy server parses the server extension and checks the type of the parsing result; if it meets the requirements, the proxy server marks the connection and stores the parsing result; 3) the client initiates an HTTP service request to the proxy server; 4) the proxy server checks whether the connection carrying the HTTP service request is marked. If it is, the access target is modified, and the parsing result is spliced with the path address of the current request to obtain the real service address. The invention is implemented on the basis of the SNI mechanism of the TLS protocol and solves the protocol complexity problem caused by the original custom proxy tunnel protocol.
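The proxy-side handling in steps 2 and 4 of the abstract, sketched as an added example that is not code from the patent or its owner. The custom name type value 0x80, the "scheme://host:port" encoding of the real server address and protocol type, and all function and class names are assumptions made for illustration; the page does not specify them.

```python
import struct

HOST_NAME = 0x00    # standard ServerName type (HostName)
TUNNEL_TYPE = 0x80  # hypothetical custom name type; the page gives no value

def build_sni(entries):
    """Encode (name_type, value) pairs as server_name extension data."""
    body = b"".join(struct.pack("!BH", t, len(v)) + v for t, v in entries)
    return struct.pack("!H", len(body)) + body

def parse_sni(data):
    """Decode the ServerNameList, rejecting inconsistent length fields."""
    if len(data) < 2:
        raise ValueError("truncated ServerNameList")
    (total,) = struct.unpack_from("!H", data, 0)
    if total != len(data) - 2:
        raise ValueError("list length mismatch")
    out, pos = [], 2
    while pos < len(data):
        if pos + 3 > len(data):
            raise ValueError("truncated entry header")
        ntype, nlen = struct.unpack_from("!BH", data, pos)
        pos += 3
        if pos + nlen > len(data):
            raise ValueError("entry overruns list")
        out.append((ntype, data[pos:pos + nlen]))
        pos += nlen
    return out

class Connection:
    """Per-connection proxy state: the mark and the stored parsing result."""
    def __init__(self):
        self.marked, self.target = False, None

def on_client_hello(conn, sni_data):
    """Step 2: mark the connection only when an entry has the expected type."""
    for ntype, value in parse_sni(sni_data):
        if ntype == TUNNEL_TYPE and value:
            conn.marked, conn.target = True, value.decode("ascii")
    return conn.marked

def on_http_request(conn, path, default_origin):
    """Step 4: on a marked connection, splice the stored target with the path."""
    origin = conn.target if conn.marked else default_origin
    return origin + path

# Constructed sample: a standard HostName entry plus the hypothetical tunnel entry.
SAMPLE = build_sni([(HOST_NAME, b"proxy.example"),
                    (TUNNEL_TYPE, b"https://app.internal.example:8443")])
```

The same parser can be used on the monitoring side to flag ClientHello messages whose server_name list carries any entry other than HostName.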

Description

Technical field

[0001] The invention relates to the technical field of network communication protocols, in particular to a method for implementing a custom proxy tunnel protocol based on the SNI mechanism of the TLS protocol.

Background technique

[0002] In the WEB world, proxy technology is widely used, and forward proxy is one of the proxy technologies. The so-called forward proxy means that the proxy server is located between the client and the real server. In order to obtain content from the original server, the client sends a request to the proxy server and specifies the address of the real server, and then the proxy server forwards the request to the real server and returns the obtained response content to the client. However, using a forward proxy requires the client to explicitly set the proxy server address, which is inconvenient from the perspective of users.

[0003] The transparent forward proxy can solve the above problems. The transparent forward proxy can ob...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L29/08, H04L29/12
CPC: H04L61/2592, H04L67/02, H04L67/14, H04L67/146, H04L69/326, H04L67/56
Inventor: 贺红杰, 掌晓愚, 卫杰
Owner: KOAL SOFTWARE CO LTD