hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Smiley @MITRE.org" <DSMI...@mitre.org>
Subject Re: SOCKS support is absent
Date Thu, 18 Nov 2010 17:17:14 GMT

olegk wrote:
> On Thu, 2010-11-18 at 07:12 -0800, David Smiley @MITRE.org wrote:
>> In the example ClientExecuteSOCKS.java you showed me:
>> 1. Why isn't the SOCKS support built into httpclient instead of requiring
>> users to do it themselves?  HttpClient is already invovled with Socket
>> level
>> TCP/IP stuff, with all the socket factory stuff going on, which is where
>> the
>> SOCKS support needs to be implemented.
> Feature-bloat is one of the biggest issues with HttpClient. I am usually
> very reluctant to include additional features that are conceptually not
> related to HTTP, especially if we do not have enough expertise within
> the project to support them.
> SOCKS protocol is not supported out of the box simply because we cannot
> adequately test it. If you are willing to contribute a patch for this
> feature as well as provide a reasonable test coverage for it, I will
> happily review and commit it to the repository.  

Testing this will require a SOCKS server to be stood up.  A quick google
search points at java implementations, such as
http://sourceforge.net/projects/jsocks/ -- perhaps it could be run in a
test. If you expect this level of testing for SOCKS, presumably you have the
same expectation of HttpClient's support for HTTP proxies?  i.e. is http
client standing up an http proxy server in the tests to actually check?  If
you're actually not going the distance there, then I argue I shouldn't have
to do the same for SOCKS proxies either.

As an aside, when I do my SOCKS testing I do "ssh -D '*:1080' -N localhost"
(from memory)

olegk wrote:
>> 2. There is duplicated code between MySchemeSocketFactory,
>> PlainSocketFactory, and ... I was about to say
>> MultihomePlainSocketFactory
>> but its deprecated now and I don't see its replacement.  I think PSF
>> should
>> be non-final, and then why not bake SOCKS support right into PSF using
>> new
>> SOCKS HttpConnectionParams?
> I made PlainSocketFactory non-final. So, one simply has to override one
> method in order to add SOCKS support. Same applies to the
> SSLSocketFactory in the 4.1 branch (trunk)
>> 3. The code doesn't work for SSL.
> What specifically does not work?

It's easiest to ask why should it even work at all?  ClientExecuteSOCKS.java
makes no mention of SSL or https and the https stuff in HttpClient isn't
going to know about MySchemeSocketFactory.  (disclaimer: my understanding is
based off of 4.0.3, not trunk)

olegk wrote:
>> 4. ProxySelectorRoutePlanner still doesn't support SOCKS but it would be
>> nice if it did.  (I have no solution for this)
> It is not supposed to, as SOCKS does not require any special provisions
> on the HTTP protocol level. 
I don't think it matters wether it's at the http level or TCP/IP level. 
HTTPS touches TCP/IP and HttpClient supports that. 
ProxySelectorRoutePlanner is nifty because it takes a standard
java.net.ProxySelector, thereby providing a nice standard means of
encapsulating the proxy rules.  But HttpClient only partially supports it

olegk wrote:
>> Last night I got the HTTPS side working and fortunately it didn't involve
>> creating yet another socket factory.  Based on HttpClient 4.0.3 code, I
>> used
>> a customized DefaultClientConnectionOperator which conditionally used my
>> SocksSocketFactory in its openConnection()... I extended DCCO, overriding
>> openConnection(), copy pasted (ugh!) DCCO's implementation and made some
>> small changes.  I see now that DCCO's code in trunk is different--it no
>> longer knows anything about a Layered socket factory in openConnection(). 
>> I'll have to track down what changed and if that affects me.
> Please have a look at the HttpClient 4.1-beta1 [1] With 4.1 API one
> needs to override just one method (#createSocket(HttpParams)) to add
> SOCKS layering.
That's a nice hook that I wish to use.  But it's just one piece of the
puzzle, the other pieces are a custom SocketFactory along with defining my
own proxy parameters and making HTTPS work over it.  And if supporting
ProxySelectorRoutePlanner is desired, then probably a bunch of HttpClient
code hacking.

~ David

View this message in context: http://old.nabble.com/SOCKS-support-is-absent-tp30238353p30250040.html
Sent from the HttpClient-User mailing list archive at Nabble.com.

To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org

View raw message