Forum: NGINX Implementing CONNECT in nginx

Ea39da7a72b6b26d30c6cfbf98f85b60?d=identicon&s=25 Thomas Glanzmann (Guest)
on 2014-01-22 16:16
(Received via mailing list)
Hello everyone,
I would like to extend nginx with a CONNECT statement which connects to
a TCP socket. Could someone walk me through which source files I need to
modify and which fucntions I should have a look at?

Or if there is anything else that can give me a quickstart?

My use case is that I would like to share one tcp port between a
webserver that I already have and a SSL VPN. The SSL VPN does the
following:

CONNECT /CSCOSSLC/tunnel HTTP/1.1
Host: lync.gmvl.de
User-Agent: Cisco AnyConnect VPN Agent for Windows 3.0.07059
Cookie:
webvpn=02F9D1@12288@188C@D7B405A4A46480CF364F1A6FD51998A0025DC727
X-CSTP-Version: 1
X-CSTP-Hostname: lenovo
X-CSTP-MTU: 1306
X-CSTP-Address-Type: IPv6,IPv4
X-DTLS-Master-Secret:
D40F07275F15A18F5872905B79FDAC4FD8C33EA13503DF29878C10FE6DA1D025B1128C66AB06E3EB1CEBBBFFF00CBC08
X-DTLS-CipherSuite: AES256-SHA:AES128-SHA:DES-CBC3-SHA:DES-CBC-SHA
X-DTLS-Accept-Encoding: lzs
X-CSTP-Accept-Encoding: lzs,deflate
X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc.

References:
http://www.infradead.org/ocserv/
http://article.gmane.org/gmane.network.vpn.opencon...

Cheers,
        Thomas
Ea39da7a72b6b26d30c6cfbf98f85b60?d=identicon&s=25 Thomas Glanzmann (Guest)
on 2014-01-22 21:48
(Received via mailing list)
Hello,

* Thomas Glanzmann <thomas@glanzmann.de> [2014-01-22 16:15]:
> I would like to extend nginx with a CONNECT statement which connects to
> a TCP socket. Could someone walk me through which source files I need to
> modify and which fucntions I should have a look at?

to answer my own question. The websocket implementation. Diff between
1.3.12 and 1.3.13 comes very close to what I'm looking for.

Cheers,
        Thomas
8a208593bb61b73f4a5f9912334fd98f?d=identicon&s=25 卫越 (Guest)
on 2014-01-27 03:47
(Received via mailing list)
I think this meets your requirement
https://github.com/alibaba/tengine/pull/335/files

-----ʼԭ-----
: nginx-bounces@nginx.org [mailto:nginx-bounces@nginx.org]  Thomas
Glanzmann
ʱ: 2014123 4:48
ռ: nginx@nginx.org
: openconnect-devel@lists.infradead.org
: Re: Implementing CONNECT in nginx

Hello,

* Thomas Glanzmann <thomas@glanzmann.de> [2014-01-22 16:15]:
> I would like to extend nginx with a CONNECT statement which connects to
> a TCP socket. Could someone walk me through which source files I need to
> modify and which fucntions I should have a look at?

to answer my own question. The websocket implementation. Diff between
1.3.12 and 1.3.13 comes very close to what I'm looking for.

Cheers,
        Thomas

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Ea39da7a72b6b26d30c6cfbf98f85b60?d=identicon&s=25 Thomas Glanzmann (Guest)
on 2014-01-28 09:56
(Received via mailing list)
Hello Nickos,
antoher way would be the SNI to distinguish. It would be nice to have
SNI proxy support in NGINX. However there is a third party proxy which
probably already does the job:

https://github.com/dlundquist/sniproxy

I'll test it later after I bisected the problem with anyconnect.

Cheers,
        Thomas
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.