i'm developing proxy server using indy 10.5.8 on delphi xe2 as you know TIdHTTPProxyServer does not support ssl navtively so i add a ssl io handler to it and ssl handshake is ok but after that server return error "Socket Error # 10054 Connection reset by peer." and disconnect the ssl libs are ok and i only changed onbefor command like this :
if (TIdTCPClient(AContext.OutboundClient).Port = 443) then
begin
if not (AContext.OutboundClient.IOHandler is TIdSSLIOHandlerSocketOpenSSL) then
begin
if Assigned(AContext.OutboundClient.IOHandler) then
AContext.OutboundClient.IOHandler.Free;
AContext.OutboundClient.IOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(AContext.OutboundClient);
end;
SSLClient := TIdSSLIOHandlerSocketOpenSSL(AContext.OutboundClient.IOHandler);
SSLClient.SSLOptions.Method := sslvSSLv23;
SSLClient.SSLOptions.Mode := sslmClient;
SSLClient.SSLOptions.SSLVersions:= [sslvSSLv2, sslvSSLv23, sslvSSLv3, sslvTLSv1];
SSLClient.SSLOptions.VerifyMode := [];
SSLClient.OnStatus := StausChange;
SSLClient.OnStatusInfo := StausChangeex;
SSLClient.PassThrough := False;
AContext.OutboundClient.IOHandler.ReadTimeout := 5000;
end else if AContext.OutboundClient.IOHandler is TIdSSLIOHandlerSocketOpenSSL then
begin
TIdSSLIOHandlerSocketOpenSSL(AContext.OutboundClient.IOHandler).PassThrough := true;
end;
and the trace logs is :
Resolving hostname accounts.google.com.
Connecting to 173.194.70.84.
SSL status: "before/connect initialization"
SSL status: "before/connect initialization"
SSL status: "SSLv2/v3 write client hello A"
SSL status: "SSLv3 read server hello A"
SSL status: "SSLv3 read server certificate A"
SSL status: "SSLv3 read server key exchange A"
SSL status: "SSLv3 read server done A"
SSL status: "SSLv3 write client key exchange A"
SSL status: "SSLv3 write change cipher spec A"
SSL status: "SSLv3 write finished A"
SSL status: "SSLv3 flush data"
SSL status: "SSLv3 read finished A"
SSL status: "SSL negotiation finished successfully"
SSL status: "SSL negotiation finished successfully"
Cipher: name = ECDHE-RSA-AES128-GCM-SHA256; description = ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
; bits = 128; version = TLSv1/SSLv3;
SSL status: "SSL negotiation finished successfully"
Disconnected.
Socket Error # 10054
Connection reset by peer.