/ Zope / Apsis / Pound Mailing List / Archive / 2010 / 2010-05 / Get SSTP connections to work

[ << ] [ >> ]

[ Syslog and X-Forwarded / Keith ... ] [ stripping URL when forwarding / ... ]

Get SSTP connections to work
Stefan Rossbach <str(at)easy-gmbh.ch>		 2010-05-18 15:34:05 [ FULL ] 
I'm trying to get SSTP to work. The HTTPS configuration works fine, after the
cert conversion war ;-), but I run into the following problem:

pound: (7f4e8d5a7910) e501 bad request "SSTP_DUPLEX_POST
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1" from x.x.x.x

xHTTP is set to 4

I've found the following information here: http://blogs.technet.com/rrasblog/archive/2007/03/07/configuring-sstp-in-a-reverse-proxy-scenario.aspx

"The HTTP method to look for will be SSTP_DUPLEX_POST. This is the verb that
SSTP uses (which is similar to GET/PUT/POST)."

I found as well a connection scheme for connect over proxy: http://msdn.microsoft.com/en-us/library/cc247411%28PROT.10%29.aspx

In my opinion it should be easy to implement but how?

Thanks in advance
Stefan
Re: [Pound Mailing List] Get SSTP connections to work
Dave Steinberg <dave(at)redterror.net>		 2010-05-18 15:51:16 [ FULL ] 
On 5/18/2010 9:34 AM, Stefan Rossbach wrote:[...]

4 is a good start.  You'll need to patch pound so it understands the 
SSTP_DUPLEX_POST verb (it doesn't, as the log tells you).  Maybe add a 
'5' value, or just extend the verbs allowed by '4'.
[...]

The article assumes you can tell your SSL terminator in a conf file or 
something about the new verb used for SSTP.  In pound's case this 
requires patching the source code.
[...]

Just read the source and try adding support for the new verb.  Pound is 
very readable.  If you want to get fancy, you can try adding a 
configuration directive to allow additional verbs specified in the conf.

PS - Adding support for the verb is merely the first step.  I have no 
idea if it'll work even if you successfully do that - there may be other 
issues involved that you discover later.

Regards,[...]
RE: [Pound Mailing List] Get SSTP connections to work
Joe Gooch <mrwizard(at)k12system.com>		 2010-05-18 16:16:07 [ FULL ] 
Specifically, (Pound 2.5) if you open config.c and search for RPC_IN_DATA,
that's the xHTTP 4 regex.  Just add a |SSTP_DUPLEX_POST to the end and
recompile.

Dave's P.S. still applies. :)

Joe

[...]
RE: [Pound Mailing List] Get SSTP connections to work
Stefan Rossbach <str(at)easy-gmbh.ch>		 2010-05-18 17:26:36 [ FULL ] 
It's not so easy... :-(

Now I get the following error: pound: (7f43a075f910) e500 error copy client
cont to 192.168.16.5:80/SSTP_DUPLEX_POST
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1: Connection timed out
(10.003 sec)

I'm not a programmer or an network guy so I have to give up. Perhaps a person
with the right knowledge will read this ;-)

Thanks
Stefan
RE: [Pound Mailing List] Get SSTP connections to work
justin.kinney(at)academy.com		 2010-05-24 17:22:42 [ FULL ] 
Return Receipt
                                                                           
   Your       RE: [Pound Mailing List] Get SSTP connections to work        
   document:                                                               
                                                                           
   was        justin.kinney(at)academy.com                                    
   received                                                                
   by:                                                                     
                                                                           
   at:        05/24/2010 10:22:41 AM
MailBoxer