I found this page [1], and it said tlslite-ng had implemented tls-over-tls feature, I tested it and it did work. So maybe we can use it in ubuntu-advantage-client for a combination of https proxy and https target.
$ python3 tlsliteclient.py HTTP/1.0 200 Connection Established HTTP/1.1 200 OK server: gunicorn/20.0.4 date: Fri, 13 Jan 2023 07:28:59 GMT content-type: text/html; charset=utf-8 content-length: 64 snap-store-version: 52 x-view-name: snapdevicegw.webapi.root x-vcs-revision: bf69cb87 x-request-id: 0AAC4128E3420A8325F301BB63C1083B15A0F9BD
$ cat tlsliteclient.py #!/usr/bin/env python # coding=utf-8 import tlslite, ssl, socket sock = tlslite.TLSConnection(socket.create_connection(('127.0.0.1', 7070))) sock.handshakeClientCert() sock.sendall(bytes('CONNECT api.snapcraft.io:443 HTTP/1.1\r\nHost: api.snapcraft.io:443\r\n\r\n', 'ascii')) print(sock.recv(1024).decode()); conn = tlslite.TLSConnection(sock) conn.handshakeClientCert() conn.sendall(b'GET / HTTP/1.1\r\nHost: api.snapcraft.io\r\n\r\n') print(conn.recv(1024).decode())
[1] https://github.com/urllib3/urllib3/pull/1121#issuecomment-281686973
I found this page [1], and it said tlslite-ng had implemented tls-over-tls feature, I tested it and it did work. So maybe we can use it in ubuntu- advantage- client for a combination of https proxy and https target.
$ python3 tlsliteclient.py webapi. root 325F301BB63C108 3B15A0F9BD
HTTP/1.0 200 Connection Established
HTTP/1.1 200 OK
server: gunicorn/20.0.4
date: Fri, 13 Jan 2023 07:28:59 GMT
content-type: text/html; charset=utf-8
content-length: 64
snap-store-version: 52
x-view-name: snapdevicegw.
x-vcs-revision: bf69cb87
x-request-id: 0AAC4128E3420A8
$ cat tlsliteclient.py TLSConnection( socket. create_ connection( ('127.0. 0.1', 7070))) lientCert( ) bytes(' CONNECT api.snapcraft. io:443 HTTP/1.1\r\nHost: api.snapcraft. io:443\ r\n\r\n' , 'ascii')) recv(1024) .decode( )); TLSConnection( sock) lientCert( ) io\r\n\ r\n') recv(1024) .decode( ))
#!/usr/bin/env python
# coding=utf-8
import tlslite, ssl, socket
sock = tlslite.
sock.handshakeC
sock.sendall(
print(sock.
conn = tlslite.
conn.handshakeC
conn.sendall(b'GET / HTTP/1.1\r\nHost: api.snapcraft.
print(conn.
[1] https:/ /github. com/urllib3/ urllib3/ pull/1121# issuecomment- 281686973