SSL in a C# Web Proxy; how do I determine if the request is SLL or not?

Question

I have built a web proxy from scratch (using Socket and NetworkStream classes). I am now trying to implement SSL support for it so that it can handle HTTPS requests and responses. I have a good idea of what I need to do (using SslStream) but I don't know how to determine if the request I get from the client is SSL or not.

I have searched for hours on this subject and have been unable to find a suitable solution.

After I do this:

TcpListener pServer = new TcpListener(localIP, port);
pServer.Start(256);
Socket a_socket = pServer.AcceptSocket();

How do I know if I need to read the information using SslStream or NetworkStream?

Answer 1

This is why proxy clients use one proxy for HTTP and different one for HTTPS. You can't know what type of connection you're going to receive.

Answer 2

Client will send you a CONNECT method request after this point you need to just redirect the traffic.

Sample Connect :

CONNECT www.google.com:443 HTTP/1.1

After seeing this just switch to data redirect mode. You can not intercept or read the data so you don't need to worry about SSLStream anyway, you won't touch it.

However if you want to MITM (man in the middle) then you need to switch to SSL otherwise just redirect whatever comes to the target URL and port, that's it.

Obviously client browser will popup with an SSL certificate exception if you intercept the request.

Answer 3

You need to add support for the CONNECT command.

http://www.codeproject.com/KB/IP/akashhttpproxy.aspx