diff --git a/http.c b/http.c index 303f6bd..ae28418 100644 --- a/http.c +++ b/http.c @@ -116,7 +116,7 @@ void proxy_protocol(PTSTREAM *pts) /* * Create the proxy CONNECT command into buf */ - if (args_info.remproxy_given ) + if (args_info.remproxy_given && !connected_with_remote_proxy) { if( args_info.verbose_flag ) message( "Tunneling to %s (remote proxy)\n", args_info.remproxy_arg ); @@ -183,13 +183,19 @@ void proxy_protocol(PTSTREAM *pts) analyze_HTTP(pts); - if (args_info.remproxy_given ) + if (args_info.remproxy_given && !connected_with_remote_proxy) { + connected_with_remote_proxy = 1; /* * Clean buffer for next analysis */ while ( strcmp( buf, "\r\n" ) != 0 ) readline(pts); +#ifdef USE_SSL + if (args_info.encrypt_flag ) + stream_enable_ssl(pts); +#endif + if( args_info.verbose_flag ) message( "Tunneling to %s (destination)\n", args_info.dest_arg ); sprintf( buf, "CONNECT %s HTTP/1.0\r\n", args_info.dest_arg ); diff --git a/proxytunnel.c b/proxytunnel.c index c76a2cc..13764a3 100644 --- a/proxytunnel.c +++ b/proxytunnel.c @@ -289,6 +289,7 @@ void do_daemon() #endif /* Open the tunnel */ + connected_with_remote_proxy = 0; proxy_protocol(stunnel); /* If --encrypt is specified, wrap all traffic after the proxy handoff in SSL */ diff --git a/proxytunnel.h b/proxytunnel.h index 2a2d243..37c58bc 100644 --- a/proxytunnel.h +++ b/proxytunnel.h @@ -43,6 +43,7 @@ int read_fd; /* The file descriptor to read from */ int write_fd; /* The file destriptor to write to */ char *program_name; /* Guess what? */ int i_am_daemon; /* Also... */ +int connected_with_remote_proxy; PTSTREAM *stunnel; /* The stream representing the socket from us to the proxy */ PTSTREAM *std; /* The stream representing stdin/stdout */ diff --git a/ptstream.c b/ptstream.c index fd8ede3..595cb6f 100644 --- a/ptstream.c +++ b/ptstream.c @@ -187,7 +187,10 @@ int stream_enable_ssl(PTSTREAM *pts) SSL_METHOD *meth; SSL *ssl; SSL_CTX *ctx; - + + if ( pts->ssl != NULL ){ + return 1; + } /* Initialise the connection */ SSLeay_add_ssl_algorithms(); meth = SSLv23_client_method();