(The individual who updated the original patch wishes to remain aloof and anonymous, hense the bogus author description attached to this patch - ed.) ---------------------------------------------------------------- I ported to v 3.22 Tan Swee Heng?s patch, allowing connection through a web proxy. Tan Swee Heng does not seem to support this patch anymore. This patch allows stunnel (in client mode) to connect to a remote SSL service via a web proxy. I strongly wish this functionality was merged into the main stunnel distro. It is not heavy in code but extremely useful for those of us who have to connect to https servers and see what's going on. Anyway, it's up to you. Thank you. Please find below the updated description of the patch, based on Swee Heng's. SCENARIO: ========= Consider the following setup, in which there is no way to connect to the SSL service except via the web proxy: non-SSL _______ web _______ SSL Lynx proxy service Under such circumstances, we run a copy of the patched stunnel (in client mode) on the Lynx machine. By pointing Lynx at stunnel, we will be able to connect to the remote SSL service via the web proxy. MODIFICATIONS TO THE CODE: ========================== 1. Added an OPT_WEBPROXY option 2. Added a command line parameter -Z to specify remote SSL host. 3. Added a connect_to_finaldest() function to make a "CONNECT remoteSSLhost:port HTTP/1.0" request AFTER a socket to the web proxy has been established. The exact content of "remoteSSLhost:port" is the string after the -Z option. 4. Modifiy the help messages to include -Z TESTING: ======== The code has been tested on Mandrake Linux 8.2 with Squid and Apache web proxies. It has not been tested on the Windows platform. HOW TO USE PATCH: ================= 1. patch -p0 < proxy.patch 2. cd stunnel-3.22 3. ./configure; make; make install; HOW TO USE PATCHED STUNNEL: =========================== Suppose your web proxy is listening on port 8080 of proxy.your.domain and your final destination is ssl.netcraft.net on port 443. On your local machine, do the following: stunnel -c -d localhost:8888 -r proxy.your.domain:8080 -Z ssl.netcraft.net:443 Then lynx http://localhost:8888/ should connect you to your destination.