dlundquist / sniproxy

Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session.

License: BSD 2-Clause "Simplified" License

Shell 1.38% C 68.73% Perl 19.36% Makefile 1.08% M4 9.45%

sniproxy's Introduction

SNI Proxy

Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session. This enables HTTPS name-based virtual hosting to separate backend servers without installing the private key on the proxy machine.

Status: Deprecated

2023-12-13

When I started this project, there wasn't another proxy that filled this niche. Now, there are many proxies available to proxy layer-4 based on the TLS SNI extension, including Nginx. Additionally, web traffic is evolving: with HTTP/2, multiple hostnames can be multiplexed in a single TCP stream preventing SNI Proxy from routing it correctly based on hostname, and HTTP/3 (QUIC) uses UDP transport. SNI Proxy just doesn't support these protocols, and adding support for them would complicate it significantly. For these reasons, I'm transitioning SNI Proxy to a deprecated status.

Honestly, this has been the case for the last several years, and I hadn't published anything to that effect. With CVE-2023-25076 it became clear that this situation needs to be communicated clearly.

In some cases, SNI Proxy might be a better fit than a more general purpose proxy, so I'm not going to abandon the project completely. I'll still monitor issues and email requests; however, unless it is a significant security or reliability issue, don't expect a response.

Features

  • Name-based proxying of HTTPS without decrypting traffic. No keys or certificates required.
  • Supports both TLS and HTTP protocols.
  • Supports IPv4, IPv6 and Unix domain sockets for both back-end servers and listeners.
  • Supports multiple listening sockets per instance.
  • Supports HAProxy proxy protocol to propagate original source address to back-end servers.
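
Routing TLS without keys works because the requested hostname travels in the clear in the ClientHello's server_name extension. The C parser below is an added example, not sniproxy's own code; the function names, result codes and the constructed sample ClientHello are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Result codes are this example's own, not sniproxy's. */
enum { SNI_OK = 0, SNI_INCOMPLETE = -1, SNI_NO_HOSTNAME = -2,
       SNI_MALFORMED = -3, SNI_TOO_LONG = -4 };

/* Cursor over untrusted bytes; nothing is read without a bounds check. */
struct cursor { const uint8_t *p; size_t left; };

static int take(struct cursor *c, size_t n, const uint8_t **out) {
    if (c->left < n) return -1;
    *out = c->p; c->p += n; c->left -= n;
    return 0;
}

/* Read a vector with a len_bytes-wide big-endian length prefix into sub. */
static int take_vec(struct cursor *c, size_t len_bytes, struct cursor *sub) {
    const uint8_t *b; size_t n = 0;
    if (take(c, len_bytes, &b)) return -1;
    for (size_t i = 0; i < len_bytes; i++) n = (n << 8) | b[i];
    if (take(c, n, &b)) return -1;
    sub->p = b; sub->left = n;
    return 0;
}

/* Extract the SNI host_name from the first TLS record in data[0..len).
 * A ClientHello split across several records is reported as malformed. */
int parse_sni(const uint8_t *data, size_t len, char *host, size_t host_size) {
    struct cursor rec, body, skip, exts, ext, names, name;
    const uint8_t *b = data;

    if (len < 5) return SNI_INCOMPLETE;              /* record header */
    if (data[0] != 0x16 || data[1] != 0x03) return SNI_MALFORMED;
    rec.left = ((size_t)data[3] << 8) | data[4];
    if (len - 5 < rec.left) return SNI_INCOMPLETE;   /* keep buffering */
    rec.p = data + 5;

    if (take(&rec, 1, &b) || b[0] != 0x01) return SNI_MALFORMED; /* ClientHello */
    if (take_vec(&rec, 3, &body)) return SNI_MALFORMED;
    if (take(&body, 2 + 32, &b)) return SNI_MALFORMED;   /* version, random */
    if (take_vec(&body, 1, &skip)) return SNI_MALFORMED; /* session_id */
    if (take_vec(&body, 2, &skip)) return SNI_MALFORMED; /* cipher_suites */
    if (take_vec(&body, 1, &skip)) return SNI_MALFORMED; /* compression */
    if (body.left == 0) return SNI_NO_HOSTNAME;          /* no extensions */
    if (take_vec(&body, 2, &exts)) return SNI_MALFORMED;

    while (exts.left > 0) {
        if (take(&exts, 2, &b)) return SNI_MALFORMED;
        unsigned type = ((unsigned)b[0] << 8) | b[1];
        if (take_vec(&exts, 2, &ext)) return SNI_MALFORMED;
        if (type != 0x0000) continue;                    /* not server_name */
        if (take_vec(&ext, 2, &names)) return SNI_MALFORMED;
        while (names.left > 0) {
            if (take(&names, 1, &b)) return SNI_MALFORMED;
            unsigned name_type = b[0];
            if (take_vec(&names, 2, &name)) return SNI_MALFORMED;
            if (name_type != 0) continue;                /* not host_name */
            /* An embedded NUL would truncate the C string used for routing. */
            if (!name.left || memchr(name.p, 0, name.left)) return SNI_MALFORMED;
            if (name.left >= host_size) return SNI_TOO_LONG;
            memcpy(host, name.p, name.left);
            host[name.left] = '\0';
            return SNI_OK;
        }
        return SNI_NO_HOSTNAME;
    }
    return SNI_NO_HOSTNAME;
}

/* Constructed sample input: a minimal ClientHello naming `host`, or with no
 * extensions when host is NULL. out must hold 61 + strlen(host) bytes. */
size_t build_client_hello(uint8_t *out, const char *host) {
    size_t hl = host ? strlen(host) : 0;
    size_t ext_total = host ? 9 + hl : 0;        /* one server_name extension */
    size_t body_len = 41 + (host ? 2 + ext_total : 0);
    uint8_t *p = out;
    const uint8_t fixed[] = { 0x16, 0x03, 0x01,
        (uint8_t)((body_len + 4) >> 8), (uint8_t)(body_len + 4),   /* record */
        0x01, 0x00, (uint8_t)(body_len >> 8), (uint8_t)body_len,   /* handshake */
        0x03, 0x03 };                                              /* version */
    memcpy(p, fixed, sizeof fixed); p += sizeof fixed;
    memset(p, 0xAA, 32); p += 32;                /* random */
    const uint8_t mid[] = { 0x00, 0x00, 0x02, 0x13, 0x01, 0x01, 0x00 };
    memcpy(p, mid, sizeof mid); p += sizeof mid; /* sid, 1 suite, null comp */
    if (host) {
        const uint8_t sni[] = { (uint8_t)(ext_total >> 8), (uint8_t)ext_total,
            0x00, 0x00, (uint8_t)((hl + 5) >> 8), (uint8_t)(hl + 5),
            (uint8_t)((hl + 3) >> 8), (uint8_t)(hl + 3),
            0x00, (uint8_t)(hl >> 8), (uint8_t)hl };
        memcpy(p, sni, sizeof sni); p += sizeof sni;
        memcpy(p, host, hl); p += hl;
    }
    return (size_t)(p - out);
}
```

A caller keeps reading from the socket while the result is SNI_INCOMPLETE and routes to the fallback server, if one is configured, on SNI_NO_HOSTNAME.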

Usage

Usage: sniproxy [-c <config>] [-f] [-n <max file descriptor limit>] [-V]
    -c  configuration file, defaults to /etc/sniproxy.conf
    -f  run in foreground, do not drop privileges
    -n  specify file descriptor limit
    -V  print the version of SNIProxy and exit

Installation

For Debian or Fedora based Linux distributions see building packages below.

Prerequisites

  • Autotools (autoconf, automake, gettext and libtool)
  • libev4, libpcre2 (or libpcre) and libudns development headers
  • Perl and cURL for test suite

Install

./autogen.sh && ./configure --enable-dns && make check && sudo make install

Building Debian/Ubuntu package

This is the preferred installation method on recent Debian based distributions:

  1. Install required packages

     sudo apt-get install autotools-dev cdbs debhelper dh-autoreconf dpkg-dev gettext libev-dev libpcre2-dev libudns-dev pkg-config fakeroot devscripts
    
  2. Build a Debian package

     ./autogen.sh && dpkg-buildpackage
    
  3. Install the resulting package

     sudo dpkg -i ../sniproxy_<version>_<arch>.deb
    

Building Fedora/RedHat package

This is the preferred installation method for modern Fedora based distributions.

  1. Install required packages

     sudo yum install autoconf automake curl gettext-devel libev-devel pcre-devel perl pkgconfig rpm-build udns-devel
    
  2. Build a distribution tarball:

     ./autogen.sh && ./configure --enable-dns && make dist
    
  3. Build a RPM package

     rpmbuild --define "_sourcedir `pwd`" -ba redhat/sniproxy.spec
    
  4. Install resulting RPM

     sudo yum install ../sniproxy-<version>.<arch>.rpm
    

I've used Scientific Linux 6 a fair amount, but I prefer Debian based distributions. RPM builds are tested in Travis-CI on Ubuntu, but not natively. This build process may not follow the current Fedora packaging standards, and may not even work.

Building on OS X with Homebrew

  1. Install dependencies.

     brew install libev pcre udns autoconf automake gettext libtool
    
  2. Read the warning about gettext and force link it so autogen.sh works. We need the GNU gettext for the macro AC_LIB_HAVE_LINKFLAGS which isn't present in the default OS X package.

     brew link --force gettext
    
  3. Make it so

     ./autogen.sh && ./configure --enable-dns && make
    

OS X support is a best effort, and isn't a primary target platform.

Configuration Syntax

user daemon

pidfile /tmp/sniproxy.pid

error_log {
    syslog daemon
    priority notice
}

listener 127.0.0.1:443 {
    protocol tls
    table TableName

    # Specify a server to use if the initial client request doesn't contain
    # a hostname
    fallback 192.0.2.5:443
}

table TableName {
    # Match exact request hostnames
    example.com 192.0.2.10:4343
    # If port is not specified the listener port will be used
    example.net [2001:DB8::1:10]
    # Or use regular expression to match
    .*\\.com    [2001:DB8::1:11]:443
    # Combining regular expression and wildcard will resolve the hostname
    # client requested and proxy to it
    .*\\.edu    *:443
}

DNS Resolution

Using hostnames or wildcard entries in the configuration requires sniproxy to be built with UDNS. SNIProxy will still build without UDNS, but these features will be unavailable.

UDNS uses a single UDP socket for all queries, so it is recommended that you use a local caching DNS resolver. With a single socket, each DNS query is protected against spoofing only by a single 16-bit query ID, which makes it relatively easy to spoof.

sniproxy's Issues

Error when starting sniproxy "table "(null)" not defined"

I compiled sniproxy under Debian 32bit x86.
The compile & test all run great.

I've created a config file with a listener and table but I always get the error:

root@KennethsPrivateProxy:/usr/local/sbin# ./sniproxy -f
Table "(null)" not defined
Failed to initialize listener
listener 172.16.10.120:443 {
protocol tls
}

Config file:
user daemon
pidfile /var/tmp/sniproxy.pid
listen 172.16.10.120:80 {
proto http
}
listen 172.16.10.120:443 {
proto tls
}
table {
(hulu|huluim).com *
abc.(go.)?com *
(nbc|nbcuni).com *
netflix.com *
ip2location.com *
}

I've also tried to give the table a name > same issue.

Access control

Any plans to add access control?

On Ip or user level.

Access Logging - Individual Connections - Question

Hi,

I have been using SNI Proxy to provide some services to clients and would like to be able to get a more verbose output of connections being made so I can time how long each person is talking to each host.

I notice that you have the following in your TODO:

  • Per connection access logging including hostname, bytes rx/tx, src/dst ip/port, timestamp and duration

Has any work been done on this and if not do you intend on looking into this in the near future, unfortunately my programming is not advanced enough to assist here but I am happy to help in any other ways as this software seems to fit my needs exactly. I would be interested to hear people's feedback on this TODO item.

SSL handshake failed

Hi,

I have since yesterday sniproxy running.
On the computer everything is working good, netflix, hulu,... but when i want to connect thru my boxee box i get failed connection to netflix.
when i do UP, UP, DOWN, DOWN, LEFT, RIGHT, LEFT, RIGHT, UP, UP, UP, UP on the boxee box it says "last error" network / 6 / SSL handshake failed / https://uiboot.netflix.com/apps/....
on sniproxy i get
2014-02-27 19:06:06 Unable to parse request from 81.244.210.19:56727
2014-02-27 19:06:06 parse() returned -5

thx

Uninstalling deb package fails

Followed the Ubuntu install. But sniproxy won't work.

sudo apt-get install dpkg-dev cdbs debhelper dh-autoreconf libev-dev libpcre3-dev
dpkg-buildpackage
sudo dpkg -i sniproxy_0.1-1_amd64.deb
http://i.imgur.com/ZeVzdHm.png

But the last command is done in about 1 second.

Service sniproxy status tells me that sniproxy is not running.
Service sniproxy start command won't work.

The sniproxy server only starts with the following command.
sudo sniproxy -c /etc/sniproxy.conf

Then Service sniproxy status tells me that sniproxy is running.
Service sniproxy stop is working.

sudo apt-get remove sniproxy will give me the following error.
http://i.imgur.com/84KtudZ.png

What to do?

Config File Include Support

Would it be at all possible to add a command in the configuration file to allow inclusions of other config files?

Fallback server dns lookup fails

I've been troubleshooting problems with fallback server, and it seems sometimes the hostname taken from the fallback value does not include the terminating \0.
Name resolution then fails because of extra garbage chars.

Working better by adding +1 to address_len() in listener_lookup_server_address() but not sure if this is the best solution

1eddd3f/src/listener.c#L298-L303

        size_t len = address_len(addr) + 1;
        new_addr = malloc(len);
        if (new_addr == NULL)
            return NULL;

        memcpy(new_addr, addr, len);

libev4 required - openwrt

Hi,

Has SNIproxy been updated to use libev4 recently or was this always a requirement.

My cross compilation build seems to be failing whereas it worked about 3 months ago.

segfault

Sep 2 05:57:32 localhost kernel: [ 2331.972207] __ratelimit: 66 callbacks suppressed
Sep 2 05:57:32 localhost kernel: [ 2331.972494] sniproxy[28708]: segfault at 0 ip (null) sp bfebcbe0 error 14 in sniproxy[8048000+6000]

"Did not receive complete TLS handshake header: 95"

Hello,

A build as of commit a474fa9, running on Linux, would give log messages like:

Did not receive complete TLS handshake header: 95
Request from 10.0.0.10:49616 did not include a hostname
.* matched
Connecting to (null):443
connect error: Connection refused
Server connection failed to (null)

for some requests, with the connection being aborted.

This would happen with requests made from recent versions of both Firefox and Chrome, and did not appear to be isolated to specific hosts. Some requests for a given host would succeed, while other requests made seconds later would fail with those messages being logged.

The failed requests would have a tls_length value somewhat larger than 256 in parse_tls_header() in tls.c, with successful requests being somewhat under that length.

Increasing the size of the buffer char array in handle_connection_client_hello() in connection.c from 256 to 2048 appears to avoid this problem. A smaller value may work, but it hasn't been tested.

Thanks!

Problems with buffer overflow

Hi

First of all thanks for a great proxy!

I am having an issue with files above 10k - It seems to be a buffer overflow (EAGAIN).
I have compiled the #fix-nonblocking-send version, and it has helped a bit, but unfortunately the problem still occurs.

Thanks

David

SSL negotiation fails on first connection - syslog message written to client socket

We have the SNI proxy running on a server. When a new HTTPS request comes in and the proxy is supposed to route it to machine XYZ, the request will fail if the connection to XYZ is closed. Subsequent requests will succeed as long as the TCP connection is still working.

I don't know what I can provide that would help diagnose this issue. Is there something special happening that would cause the first request to fail?

dpkg-buildpackage on Debian 7, Ubuntu 12.04, 13.10 (32bit and 64bit for all)

Same problem on all above operating systems and fresh installs. Done right after apt-get update, apt-get upgrade, git clone http://github.com/dlundquist/sniproxy.git, and dpkg-buildpackage.

root@buyvm:~# cd sniproxy
root@buyvm:~/sniproxy#  dpkg-buildpackage
dpkg-buildpackage: source package sniproxy
dpkg-buildpackage: source version 0.2
dpkg-buildpackage: source changed by Dustin Lundquist <[email protected]>
dpkg-buildpackage: host architecture amd64
 dpkg-source --before-build sniproxy
 debian/rules clean
test -x debian/rules
dh_testroot
rm -f debian/stamp-makefile-build debian/stamp-makefile-install
/usr/bin/make  -C .  -k distclean
make[1]: Entering directory `/root/sniproxy'
make[1]: *** No rule to make target `distclean'.
make[1]: Leaving directory `/root/sniproxy'
make: [makefile-clean] Error 2 (ignored)
rm -f debian/stamp-autotools
rmdir --ignore-fail-on-non-empty .
rmdir: failed to remove `.': Invalid argument
make: [makefile-clean] Error 1 (ignored)
dh_autoreconf_clean
dh_clean
rm -f debian/stamp-autotools-files
 dpkg-source -b sniproxy
dpkg-source: info: using source format `3.0 (native)'
dpkg-source: info: building sniproxy in sniproxy_0.2.tar.gz
dpkg-source: info: building sniproxy in sniproxy_0.2.dsc
 debian/rules build
test -x debian/rules
mkdir -p "."
dh_autoreconf
configure.ac:14: installing `./config.guess'
configure.ac:14: required file `./config.rpath' not found
configure.ac:14: installing `./config.sub'
configure.ac:8: installing `./install-sh'
configure.ac:8: installing `./missing'
src/Makefile.am: installing `./depcomp'
tests/Makefile.am:32: compiling `../src/address.c' in subdir requires `AM_PROG_CC_C_O' in `configure.ac'
Makefile.am: installing `./INSTALL'
autoreconf: automake failed with exit status: 1
dh_autoreconf: autoreconf -f -i returned exit code 1
make: *** [debian/autoreconf.after] Error 2
dpkg-buildpackage: error: debian/rules build gave error exit status 2
root@buyvm:~/sniproxy#

C99 mode

On my EC2 instance, when trying to compile it, I have the following message:

[ec2-user@ip-XXXXXXXX src]$ make all
cc -c sni_proxy.c
cc -c config.c
config.c: In function ‘init_config’:
config.c:118: error: ‘for’ loop initial declarations are only allowed in C99 mode
config.c:118: note: use option -std=c99 or -std=gnu99 to compile your code
make: *** [config.o] Error 1

In order to easily solve the problem, you need to edit 'config.c' and change:

Line 118: for (int i = 0; i < 5; i++)

By:
Line 118: int i;
Line 119: for (i = 0; i < 5; i++)

Hope it will help you guys. Not a big thing but hey, easy to solve.
I'm not on my main computer but let me know if you want me to create a branch for you to integrate it later (would be nice to have a trace of my work :) )

Remove HTTP headers from request

I'm proxying apache reverse proxies through the sniproxy, but unfortunately apache is adding X-Forwarded-* headers (I'm running 2.2, this feature is added in 2.4, but there's months 'till debian updates the packages). I thought (if it's not too complicated) it would be nice, if I could specify which headers to remove from the request so that sniproxy requests are.. well, sneaky :)

X-Forwarded-For: xxx.yyy.zzz.ooo
X-Forwarded-Host: www.domain.com
X-Forwarded-Server domain.com

libuv

@dlundquist What do you think about replacing libev with libuv? Libuv is a multiplatform library and therefore there will be an opportunity to make sniproxy multiplatform too.

Debug mode

Maybe create a debug mode in which all logs will be printed to stdout, it can be useful.

Problem with SSL 3.0

This is the output:

Receved SSL 3.0 handshake
Request from 192.168.1.1:52021 did not include a hostname
Connecting to (null):443
connect error: Connection refused
Server connection failed to (null)

only with sniproxy -f

Hi there,

with the latest commit, sniproxy only works with sniproxy -f and not as a daemon in init.d

no error, nothing.

Handle fragmented TCP

The pianobar client creates a TCP connection with:

packet 1:
POST .....\r\n

packet 2:
Host: ___
...

It would be nice if the first packet could be queued for delivery after the second one is parsed and the header retrieved.

Currently this connection is dropped because the Host header is not found by parse_http_header.

Proxy stops working

I have had sniproxy stop resolving after several weeks on a number of occasions. I'm running Ubuntu 13.04 vanilla install.

Are there any logs that I can provide that may give an indication of the problem next time the issue appears?

Feature Request: Make available server status information via HTTP request

It would be nice to produce some server stats under a special url or a different port (similar to Apache server status or Nginx status module).

Just some plain text or json encoded counters on:

Active connections
Accepted connections
Handled requests
Reading/writing/waiting

Check out the dump.c code from the Mathopd HTTP Server available here https://github.com/michielboland/mathopd/blob/master/src/dump.c

This produces the following output:
http://www.mathopd.org/wiki?SpecialsDump

Failed to initialize listener #0 -- returned -3

Hi,

I'm trying to set up sniproxy, but I keep receiving an error when running it:

root@hestia:/# sniproxy
Failed to initialize listener #0 -- returned -3:
listener 1.2.3.4 8443 {
        protocol tls
        table https

My config looks like this:

user daemon
table http {
    testdomain\.com * 80
}

table https {
       testdomain\.com * 443
}

listener 1.2.3.4 8080 {
    proto http
    table "http"
}
listener 1.2.3.4 8443 {
    proto tls
    table "https"
}

This is in the syslog:

Sep 16 04:49:47 hestia sniproxy: Parsed testdomain.com * 443
Sep 16 04:49:47 hestia sniproxy: Parsed testdomain.com * 80
Sep 16 04:49:47 hestia sniproxy: bind failed

1.2.3.4 is the IP of the server.

What does the returned -3 mean? How can I trace why sniproxy can't create the listener?

Thank you!!

Chromecast issues

I have tried to find out why Chromecast does not work with your sniproxy. I don't understand why, but it looks like the proxy sends "Change Cipher Spec" packets after the "Server Key Exchange" which results in Chromecast sending a new (SSL 3.0) "Client Hello".

Successful connection:
1

Unsuccessful connection via sniproxy:
2

Any idea how to deal with this?

Assertion failed connection.c:282 on large request with slow nameserver

Opening separate issue for assertion failure reported by @JustMe0815 in #82:

sniproxy: connection.c:282: void connection_cb(struct ev_loop *, struct ev_io *, int): Assertion `((0 + ((ev_watcher *)(void *)(client_watcher))->active) && con->client.watcher.events) || ((0 + ((ev_watcher *)(void *)(server_watcher))->active) && con->server.watcher.events)' failed.
Aborted (core dumped)

How to reproduce:

# Configure sniproxy to perform DNS lookups
$ cat <<-END > wildcard.conf
listen 127.0.0.1 8080 {
    proto http
}

table {
    .* *:80
}
END

# Launch it with a nameserver which will not respond in a timely manner:
$ NAMESERVERS="192.0.2.100" ./src/sniproxy -f -c wildcard.conf 

# In another terminal, pass sniproxy a large request (in this case PUT the sniproxy binary)
$ curl -v http://127.0.0.1:8080/ -H 'Host: example.com' -T src/sniproxy

The problem is the current assertions do not account for the case where the server buffer (client input) is full and the server connection has not yet been opened. Need to make an exception for when a DNS query is outstanding.

Latest commit problems

Latest commit just crashes, it writes nothing to /var/log/syslog other than the following on startup:

Nov 2 00:34:43 vps2 sniproxy: Parsed . *:443
Nov 2 00:34:43 vps2 sniproxy: Parsed . *:80

When sending any traffic through it it simply dies. Any ideas?

Unable to configure on Ubuntu 10.04.4

./configure returns the following error:

configure: error: libev not found

libev is installed

root@host:/usr/local/src/sniproxy# dpkg -l |grep libev
ii  libev-dev                              1:3.8-1                                         static library, header files, and docs for l
ii  libev-libevent-dev                     1:3.8-1                                         libevent event loop compatibility wrapper fo
ii  libev3                                 1:3.8-1                                         high-performance event loop library modelled
ii  libevent-1.4-2                         1.4.13-stable-1                                 An asynchronous event notification library

I'm on:

No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 10.04.4 LTS
Release:    10.04
Codename:   lucid

What am I missing here? Thanks!

SYSLOG_FACILITY ignored in backend.c logger

While setting up syslog rules on a new server, I noticed that some sniproxy syslog messages ended up in the user.log instead of where they were supposed to go.
I almost went mad over this, thinking something with my syslog config was amiss.

Issue:
Syslog messages emitted in backend.c are always sent to Syslog's default log.user facility and not the SYSLOG_FACILITY defined in sniproxy.h.

Cause: openlog() is initialized AFTER the init_server(config) call in sniproxy.c

As a side note, some log granularity control would be nice to have in the sniproxy.conf.

Non-blocking connect()

Currently sniproxy makes a blocking connect() call after determining which server to use for a given connection.

Proxy target that closes connection

Would you consider adding an internal proxy target that simply closes the connection? I'm looking to filter/drop connections to tracking websites. (Much like the Ghostery browser plugin, but without being limited to the browser.)

other providers?

What kind of proxy application setup could other providers possibly be using eg. unblock.us?

What advantages could sniproxy have over other proxies?

Down negotiation for SSL 3.0 requests

Hi,

we over at corporate-gadfly/Tunlr-Clone#22 were asking ourselves if it would be possible to answer an SSL 3.0 request instead of rejecting it with an error.

Something like:

  • Hey, here is Client. I want to use SSL 3.0
  • Hey Client, this is SNI Proxy. I force you to speak TLS 1.0
  • Hey SNI, alright. Here we go.

Is this at least possible?

Sniproxy wildcard & log

I try with trial and error to get my wdtv play to work with Netflix.. Therefore I want to set up sniproxy to proxy all requests regardless where they are from or where they go...
I used:
.*//.com *

Can I disable the table, to just get everything to pass through?

2nd question is, how can I get a proper log file with sniproxy? The documentation lacks some info...
I want to get all logs, all queries etc. (ideal) in one extra file

Thanks!

cant install sniproxy on ubuntu 13.10

When I execute dpkg-buildpackage I get the following errors:
dpkg-buildpackage: source package sniproxy
dpkg-buildpackage: source version 0.2
dpkg-buildpackage: source changed by Dustin Lundquist [email protected]
dpkg-buildpackage: host architecture amd64
dpkg-source --before-build sniproxy
dpkg-checkbuilddeps: Unmet build dependencies: pkg-config
dpkg-buildpackage: warning: build dependencies/conflicts unsatisfied; aborting
dpkg-buildpackage: warning: (Use -d flag to override.)

Sites show response headers and garbage instead of HTML

Hi there,

When transparently proxying HTTP/HTTPS I'm getting a dump of response headers and binary data instead of a rendered site. Here's an example:

<30>Sep 28 00:22:08 sniproxy: Request for www.hulu.com from 181.194.61.72:18849<31>Sep 28 00:22:08 sniproxy: (hulu|huluim).com matched www.hulu.com<31>Sep 28 00:22:08 sniproxy: Connecting to www.hulu.com:80HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Length: 8581
Status: 200 OK
X-UA-Compatible: IE=Edge,chrome=1
Cteonnt-Length: 28931
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Cache-Control: max-age=1111
Date: Sat, 28 Sep 2013 04:22:08 GMT
Connection: keep-alive


Any clues what's going on?

Source address control / Specify DNS

It would be useful to specify which address outgoing requests from SNI are bound to. The example .conf demonstrates listen binds but not outgoing ones, if it already exists.

Also, it would be helpful to be able to specify a DNS server to use rather than relying on local system settings - my local DNS refers back to the local server for some sites to get proxied which causes sniproxy to loop.

rpl_malloc error

Hi there,

I'm having difficulties compiling this tool. Can you help?

I'm running a bone stock VPS, of which I had to install a couple tools to even get as far as I have at the moment. Namely:
build-essential (apt)
pcre (sourceforge)

Scrolling back through the log, I see the following line after running ./configure:
checking for GNU libc compatible malloc... no

Anyways, here's the output from make:

root@vps:~/HTTPS-SNI-Proxy-master# make
Making all in src
make[1]: Entering directory `/root/HTTPS-SNI-Proxy-master/src'
gcc -g -O2 -o sni_proxy sni_proxy.o config.o cfg_parser.o cfg_tokenizer.o util.o server.o listener.o table.o backend.o connection.o buffer.o tls.o http.o -lpcre -lpcre
config.o: In function `init_config':
/root/HTTPS-SNI-Proxy-master/src/config.c:87: undefined reference to `rpl_malloc'
table.o: In function `new_table':
/root/HTTPS-SNI-Proxy-master/src/table.c:39: undefined reference to `rpl_malloc'
buffer.o: In function `new_buffer':
/root/HTTPS-SNI-Proxy-master/src/buffer.c:49: undefined reference to `rpl_malloc'
/root/HTTPS-SNI-Proxy-master/src/buffer.c:57: undefined reference to `rpl_malloc'
collect2: ld returned 1 exit status
make[1]: *** [sni_proxy] Error 1
make[1]: Leaving directory `/root/HTTPS-SNI-Proxy-master/src'
make: *** [all-recursive] Error 1

I saw some references after searching to trick the system i.e. ac_cv_func_malloc_0_nonnull=yes but that doesn't seem to work either.

Any assistance is appreciated.

Thanks.

fallback server

hi there,

can someone explain to me how i can setup a fallback server?

thank you

Dennis

*** glibc detected *** sniproxy: double free or corruption (fasttop):

sniproxy -f
*** glibc detected *** sniproxy: double free or corruption (fasttop): 0x00000000025d15f0 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x76d76)[0x7fc19166ad76]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x6c)[0x7fc19166faac]
sniproxy[0x40337d]
/usr/lib/libev.so.4(ev_invoke_pending+0x8f)[0x7fc19198266f]
/usr/lib/libev.so.4(ev_run+0x835)[0x7fc1919856f5]
sniproxy[0x40535c]
sniproxy[0x401eb5]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd)[0x7fc191612ead]
sniproxy[0x402051]
Aborted

Libev4 not found 13.1 x32

When I try to compile I keep getting

root@carbon:/home/sniproxy-master# ./autogen.sh && ./configure && make check && sudo make install
configure.ac:7: installing `./install-sh'
configure.ac:7: installing `./missing'
src/Makefile.am: installing `./depcomp'
Makefile.am: installing `./INSTALL'
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... no
checking for mawk... mawk
checking whether make sets $(MAKE)... no
checking for style of include used by make... none
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking dependency style of gcc... none
checking for gcc option to accept ISO C99... -std=gnu99
checking for library containing ev_run... no
configure: error: libev4 not found

But it is installed as you can see here?

root@carbon:/home/sniproxy-master# dpkg -l libev4
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-===================-==============-==============-===========================================
ii libev4 1:4.11-1 i386 high-performance event loop library modelle

Failure when sending large XML

Hi,

We're using the SNI Proxy to send SOAP requests to a service. It works fine until we send over 11.5k of a single XML post. Below that it works fine.

Could this be a problem with the SNI Proxy?

Netflix on Roku 2

Hi!

Has anyone gotten Netflix to work on a Roku 2? Logs do not show any problems (show successful proxying of requests to x.netflix.com) and the actual listing of content is definitely US Netflix, but whenever I try to play content that is only available in the US I get "Content Unavailable to play instantly". Playing content that is also available at my location does work. Bind logs don't show anything out of the ordinary.

Any ideas?

No match found for null?

I'm getting the following error message when using HTTPS-SNI:

Jun 24 17:47:50 server1 sni_proxy: No match found for (null)
Jun 24 17:47:50 server1 sni_proxy: Server connection failed to (null)

Any idea how to figure out what null is?? or why this is coming up?

Thanks!

Bad file descriptor

Hi,

Thanks for sharing this awesome piece of code.

From time to time I'm getting "select: bad file descriptor" and the proxy terminates. The max. number of available fd's is still far, far away when this happens, so that's not the problem.
Any idea how to handle this error gracefully?
From what I'm seeing, it looks that the problem could be similar to this:
http://arstechnica.com/civis/viewtopic.php?f=20&t=494001

Cheers,
pechspilz

reload

need to reload the website 2 times before they are loading completely.

netflix android app

Connection with the browser works fine on computer and Android, but as soon as I use the Netflix app for Android I get a connection error, and in the log file I can read:

sniproxy: Connecting to android.nccp.netflix.com:443
sniproxy: connect error: Connection refused
sniproxy: Server connection failed to android.nccp.netflix.com

sniproxy: Connecting to secure.netflix.com:443
sniproxy: connect error: Connection refused
sniproxy: Server connection failed to secure.netflix.com

sniproxy: Received SSL 3.0 handshake
sniproxy: Unable to parse request from
sniproxy: parse() returned -6
sniproxy: recv failed: Connection reset by peer

Hulu SSL problem

When connecting to Hulu it works fine, but when trying to play videos it fails every time.
I looked at my logs on my VPS and it says the request did not include a hostname.

I am currently using the latest source that was committed earlier. I know I have everything set up correctly since I have Netflix running perfectly, and Hulu does log in, just having problems playing videos.

Any help would be greatly appreciated :)
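The reports above of requests arriving without a hostname come down to what the client puts in its TLS ClientHello. The sketch below is an added example, not sniproxy's parser and not part of any post: it extracts the server_name extension from a ClientHello and returns None when the extension is absent. The function names and the sample records are constructed for illustration, and it assumes the whole ClientHello fits in one TLS record.

```python
import struct

def build_client_hello(hostname=None, version=(3, 3)):
    """Constructed sample input: a minimal ClientHello record, not a capture."""
    ext = b""
    if hostname is not None:
        name = hostname.encode("ascii")
        entry = b"\x00" + struct.pack("!H", len(name)) + name  # name_type 0 = host_name
        sni = struct.pack("!H", len(entry)) + entry            # server_name_list
        ext = struct.pack("!HH", 0, len(sni)) + sni            # extension type 0
        ext = struct.pack("!H", len(ext)) + ext                # extensions block length
    body = (bytes(version) + bytes(32) + b"\x00"        # version, random, empty session_id
            + b"\x00\x02\x00\x2f" + b"\x01\x00" + ext)  # one cipher suite, null compression
    hs = b"\x01" + len(body).to_bytes(3, "big") + body  # handshake type 1 = ClientHello
    return b"\x16" + bytes(version) + struct.pack("!H", len(hs)) + hs

def extract_sni(record):
    """Return the SNI hostname, or None if the ClientHello carries none.
    Raises ValueError for input that is not one complete ClientHello record."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    end = 5 + int.from_bytes(record[3:5], "big")
    if end > len(record) or end < 9 or record[5] != 0x01:
        raise ValueError("truncated record or not a ClientHello")
    pos = 5 + 4 + 2 + 32            # record header, handshake header, version, random
    for width in (1, 2, 1):         # session_id, cipher_suites, compression_methods
        if pos + width > end:
            raise ValueError("truncated ClientHello")
        pos += width + int.from_bytes(record[pos:pos + width], "big")
    if pos > end:
        raise ValueError("length field overruns the record")
    if pos == end:
        return None                 # no extensions block, so no server_name
    ext_end = pos + 2 + int.from_bytes(record[pos:pos + 2], "big")
    if pos + 2 > end or ext_end > end:
        raise ValueError("truncated extensions block")
    pos += 2
    while pos + 4 <= ext_end:
        etype, elen = struct.unpack("!HH", record[pos:pos + 4])
        pos += 4
        if pos + elen > ext_end:
            raise ValueError("extension overruns the block")
        if etype == 0:              # server_name
            data = record[pos:pos + elen]
            if len(data) < 5 or data[2] != 0 or 5 + int.from_bytes(data[3:5], "big") > elen:
                raise ValueError("malformed or unsupported server_name extension")
            return data[5:5 + int.from_bytes(data[3:5], "big")].decode("ascii")
        pos += elen
    return None                     # extensions present, but no server_name
```

A None result is the case where a name-based proxy has nothing to match against its table, so the connection can only go to a configured fallback or be dropped.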

libudns not in current stable

The README mentions you need a "recent" Debian distribution, which I think many will interpret as "current stable". However, "current stable" does not feature udns packages.

Grabbing udns from testing (jessie) and using them in stable works fine though. Maybe this is worth noting in the README.
