Titanium Proxy with windows service

justcoding121 / titanium-web-proxy

A cross-platform asynchronous HTTP(S) proxy server in C#.

MIT License

1.92k stars 605 forks source link

Titanium Proxy with windows service #383

Open harrip12 opened 6 years ago

harrip12 commented 6 years ago

Hello, I am using Titanium Proxy with windows service and I have added Google URL in "IncludedRegexList". My windows service starts automatically on machine start. However for around 10 mins into machine start, all Google URLs are throwing exception in Handle client method.

"Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host."

Because of this I am not able to browse any of the google URLs for 10 minutes after machine start, Meanwhile, other URLs are working fine during this 10 min period after machine start. After 10 mins, the google urls also start working. I couldn't understand why it is throwing exception for sometime after machine start. Please help to find the solution.

harrip12 commented 6 years ago

I noticed that there is a lock on which the request for google are getting stuck in CertificateManager

Function :   internal X509Certificate2 CreateCertificate(string certificateName, bool isRootCertificate)
//has lock
 lock (string.Intern(certificateName))

After checking other thread, I found that there is one thread which is stuck on

typeSignerCertificate.InvokeMember("Initialize", BindingFlags.InvokeMethod, null, signerCertificate, typeValue);

in WinCertificateMaker class under function:

X509Certificate2 MakeCertificate(bool isRoot, string subject, string fullSubject,
            int privateKeyLength, string hashAlg, DateTime validFrom, DateTime validTo,
            X509Certificate2 signingCertificate)

any idea why this happens only at start of machine?

harrip12 commented 6 years ago

@honfika @justcoding121 I am still not able to figure why these scenario happens. Can I have your thoughts on this please.

justcoding121 commented 6 years ago

Check if this problem exists in latest beta release, we removed string.intern lock and instead use a concurrent dictionary to accomplish the same.

harrip12 commented 5 years ago

typeSignerCertificate.InvokeMember("Initialize", BindingFlags.InvokeMethod, null, signerCertificate, typeValue);

Taking too much time to Initialize cert. On some of the machine, after machine restart it take 10-15 min to get internet

harrip12 commented 5 years ago

@honfika @justcoding121 I am continuously facing the same issue on some of the machines, is there any workaround for this.

justcoding121 commented 5 years ago

You can use BouncyCastle as certificate engine instead, since the code you posted above is from WinCertificateMaker.

https://justcoding121.github.io/Titanium-Web-Proxy/docs/api/Titanium.Web.Proxy.Network.CertificateManager.html#Titanium_Web_Proxy_Network_CertificateManager_CertificateEngine