[Twisted-Python] Need help with writing a secure Iran Proxy
kevin.horn at gmail.com
Thu Jun 18 22:10:03 EDT 2009
Of course it depends on you definition of "safe" and "secure", but there's a
few examples around the net. Here's a few:
If you want to add proxy authentication, it shouldn't be too
difficult...check out RFC 2068.
http://www.ietf.org/rfc/rfc2068.txt (esp sections 10.4.8, 11, and 14.33-34)
It should be similar to implementing basic HTTP auth, except you want to use
Proxy-Authenticate and Proxy-Authorization headers instead of the regular
I'm guessing the flow would go something like:
- client requests a proxied resource ( without a Proxy-Authorization header
- server sends back a 407 with a Proxy-Authenticate header
- client prompts user for credentials
- client provides request again with Proxy-Authorization header
- server proxies the resource
of course I'm no expert on web proxies so don't take my word for it...
I think you should be able to do the above by overriding some of the proxy
classes in twisted.web.proxy
On Thu, Jun 18, 2009 at 2:44 AM, Andreas Trawoeger <atrawog at gmail.com>wrote:
> Could I kindly ask all the Twisted Gurus to take a look Austin Heaps Best
> Proxy Practices
> for Iran http://blog.austinheap.com/
> The current setup (Squid & iptables) everybody uses is extremely
> complicated to setup and it should be trivial to implement the requirements
> in Twisted. Turn it into an egg and allow everybody to simple type
> easy_install iranproxy.
> I know a little bit of Twisted, because I'm an avid Zenoss user and in
> different circumstanced I would write the proxy on my own. But in this case
> a safe implementation is a real must and I'm really worried to make some
> stupid beginner mistakes.
> So some (example) code and links to websites I should read would be greatly
> Thanks to everybody!
> cu andreas
> Twisted-Python mailing list
> Twisted-Python at twistedmatrix.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Twisted-Python