Guys, I''m looking to write and ssl mitm proxy...not for illegal reasons...but for a learning experience and for practical use (potentially). Someone had pointed me in the direction of python and twisted, but I''d much prefer to stick with ruby. I was then pointed towards eventmachine as a possibility. I was hoping someone might be able to guide me in the right direction regarding this. So, a few questions: 1. Does eventmachine support ssl? 2. Does implementing something like this in eventmachine make sense, or am I barking up the wrong tree? 3. Can I expect it to be performant enough to not significantly degrade performance on a SOHO network? Thanks for any help you might provide. John
On 3/5/08, John Wells <lists at sourceillustrated.com> wrote:> Guys, > > I''m looking to write and ssl mitm proxy...not for illegal > reasons...but for a learning experience and for practical use > (potentially). > > Someone had pointed me in the direction of python and twisted, but I''d > much prefer to stick with ruby. I was then pointed towards > eventmachine as a possibility.I think that was me on the IRC #ruby-lang> > I was hoping someone might be able to guide me in the right direction > regarding this. So, a few questions: > > 1. Does eventmachine support ssl? > 2. Does implementing something like this in eventmachine make sense, > or am I barking up the wrong tree? > 3. Can I expect it to be performant enough to not significantly > degrade performance on a SOHO network? >EM is fast enough for most of the tasks. And it does have secure socket implementation. Although using full blown ssl may need some work. Best way to have docs is to generate Rdoc of EM( you probably already have docs file installed, if you installed EM using gem, just start gem server and point your browser to gem server url). Also EM works best on Linux.
Check out http://www.matasano.com/proxy.rb, which I wrote several months ago in a hurry. To answer your questions:> 1. Does eventmachine support ssl?Yes, eventmachine''s SSL support is baked into the C extension, based on OpenSSL, which is event-friendly.> 2. Does implementing something like this in eventmachine make sense, > or am I barking up the wrong tree?Proxy tools are the "hello world" of event programming; ie, yes.> 3. Can I expect it to be performant enough to not significantly > degrade performance on a SOHO network?The performance of your proxy will have nothing to do with the performance of your home network. -- --- Thomas H. Ptacek // matasano security read us on the web: http://www.matasano.com/log
On Thu, Mar 20, 2008 at 8:24 AM, Thomas Ptacek <tqbf at matasano.com> wrote:> Check out http://www.matasano.com/proxy.rb, which I wrote several > months ago in a hurry. > > To answer your questions: > > > > 1. Does eventmachine support ssl? > > Yes, eventmachine''s SSL support is baked into the C extension, based > on OpenSSL, which is event-friendly. > > > > 2. Does implementing something like this in eventmachine make sense, > > or am I barking up the wrong tree? > > Proxy tools are the "hello world" of event programming; ie, yes. > > > > 3. Can I expect it to be performant enough to not significantly > > degrade performance on a SOHO network? > > The performance of your proxy will have nothing to do with the > performance of your home network.Awesome...thanks for the response guys and thank you Thomas for the example...that will help immensely! John