iphonessltcpproxy-serverhttp-tunneling

Implementing HTTP proxy over SSL using CONNECT method from iPhone Applications


I am working on client-server solution, where my iPhone app connects to a server over TCP/IP using SSL connection. I want to make sure that entire traffic on SSL goes through the HTTP proxy server.

We can specify HTTP proxy information on iPhone in Settings -> WiFi details-> HTTP proxy(Manual/Auto). When we do this all the HTTP traffic goes through the above mentioned proxy server. (ex. all safari traffic, even the HTTP traffic from all the apps.)

But my problem is SSL over TCP/IP is not going through the proxy server. iPhone SDK has kCFStreamPropertySOCKSProxy set of properties to configure NSStream for SOCKS usage as mentioned below, but I see no provision for configuring a HTTP proxy server on CFSocket/NSStream. What is the best way to handle this.

 CFReadStreamRef readStream;
 CFWriteStreamRef writeStream;
 CFStreamCreatePairWithSocketToHost(kCFAllocatorDefault, (CFStringRef)ipAddress, port, &readStream, &writeStream);
 CFDictionaryRef proxyDict = CFNetworkCopySystemProxySettings();
 CFMutableDictionaryRef socksConfig = CFDictionaryCreateMutableCopy(NULL, 0, proxyDict);
 CFDictionarySetValue(socksConfig, kCFStreamPropertySOCKSProxyHost, (CFStringRef)@"proxy-ip");
 CFDictionarySetValue(socksConfig, kCFStreamPropertySOCKSProxyPort, (__bridge CFNumberRef)[NSNumber numberWithInteger:proxy-port]);
 CFDictionarySetValue(socksConfig, kCFStreamPropertySOCKSVersion, kCFStreamSocketSOCKSVersion5);
 CFDictionarySetValue(socksConfig, NSStreamSOCKSProxyUserKey, (CFStringRef)@"proxy-username");
 CFDictionarySetValue(socksConfig, NSStreamSOCKSProxyPasswordKey, (CFStringRef)@"proxy-password");
 CFReadStreamSetProperty(readStream, kCFStreamPropertySOCKSProxy, socksConfig);
 CFWriteStreamSetProperty(writeStream, kCFStreamPropertySOCKSProxy, socksConfig);
 CFRelease(proxyDict);

UPDATE : It looks like there is only one way to do it, do a HTTP CONNECT over proxy to the server and use the connection for regular SSL traffic. But still I am searching for iPhone implementation.

Thanks


Solution

  • I finally found the answer. Send the following data on a socket and use the same socket to create the TCP connection.

     [[NSString stringWithFormat:@"CONNECT %@:%d HTTP/1.1\nProxy-Connection: Keep-Alive\n\n", @"10.10.10.10", 80] dataUsingEncoding:NSUTF8StringEncoding] ;