A network device referred to as a transparent proxy may be used to intercept network traffic. In a typical example, a transparent proxy device intercepts TCP/IP network traffic communicated between a client device and a server device. The client device may seek to establish a TCP connection with a server device so that application layer payload can be transferred between the client and server devices across the TCP connection. To establish the TCP connection, the client device transmits a TCP SYN segment so as to engage in a conventional three-way SYN, ACK-SYN, ACK handshake with the server device, thereby establishing the TCP connection. The transparent proxy device, however, intercepts the TCP SYN segment, records information about the TCP connection, and then forwards the TCP SYN segment to the server device. In a similar manner the proxy device records the rest of the TCP three-way handshake between the client device and server device, with the purpose of possibly modifying future TCP segments on the TCP connection.
Many times, the application layer payload that is communicated between the client device and the server device is encrypted. An SSL (Secure Sockets Layer) protocol processing layer is disposed above the TCP protocol processing layer and the application protocol processing layer in the TCP/IP stack of each of the client, proxy, and server devices. Accordingly, application layer data communicated out of the client device destined for the server device is encrypted by the SSL protocol processing layer as the information passes down the protocol processing stack in the client device for transmission out of the client device as link layer frames across the TCP connection. Similarly, the link layer frames are received into the proxy device and the information carried passes up the protocol processing stack of the proxy device. The SSL protocol processing layer decrypts the application layer payload. The application layer payload is, however, destined for the server device, so the proxy device passes the application layer payload back down its protocol processing stack for transmission across the second TCP connection to the server device. In contrast to the client device stack and server device stack, the proxy device protocol processing stack takes care not to modify the original boundaries of the different components on each protocol processing layer, unless required for proper functioning of the TCP control loop, which also implies that none of the headers or footers are stripped from any protocol layer, as would be the case when the server device stack or client device stack receives a link layer frame. As the information goes back down the protocol processing stack, the SSL layer encrypts the application layer payload. The information passes across the second TCP connection to the server device in a link layer frame. The frame is received onto the server device, and is processed up the protocol processing stack of the server device to the SSL layer, where the application layer payload is decrypted. The decrypted application layer payload is then made available to the application layer program executing on the server device.
To enable these encryption and decryption operations in the SSL layers of the protocol processing stacks as described above, two SSL sessions are first established. The first SSL session is established between the client device and the proxy device. The establishing of this first SSL session allows the client device and the proxy device to exchange and agree upon the use of certain cryptographic parameters that the two devices will later use to encrypt and decrypt. Likewise, the second SSL session is established between the proxy device and the server device. The establishing of this second SSL session allows the proxy device and the server device to exchange and agree upon the use of certain cryptographic parameters that the two devices will later use to encrypt and decrypt.
The cryptographic parameter sets used in the two SSL sessions are different, but in one example both SSL sessions use a stream cipher. In a stream cipher, the encryption of each successive byte of SSL payload depends on the state of an SSL encryption engine at the end of the encryption of the prior byte. Likewise, the decryption of each successive byte of SSL payload depends on the state of an SSL decryption engine at the end of the decryption of the prior byte.
In the proxy device example, the proxy server may receive from the client device a link layer frame that in turn carries a TCP segment that in turn carries full or partial SSL records. The proxy server may process the TCP segment up its stack to the SSL layer where decryption of the payload of the SSL record occurs in accordance with the first SSL session. Thereafter, the SSL record payload is encrypted in accordance with the second SSL session and is sent back down the stack so that the TCP segment can be forwarded on its way to the server device. The result is that TCP segments sent from the proxy to the server device contains identical TCP sequence numbers in the TCP header, as well as equal TCP payload length, but the TCP payload in the segments might differ because the cryptographic parameter sets for the two SSL sessions might differ. The same holds true for segments sent from the server device to the client device. Consider the situation in which the server device does not receive the TCP segment. The server device will therefore not return an ACK segment to acknowledge receipt. Consequently, the proxy device will not forward the ACK segment back to the client device. If the client device does not receive acknowledgement that the original TCP segment was received, then in accordance with the TCP protocol the client device will retransmit to the TCP segment. In this scenario, the proxy device receives the retransmitted TCP segment and is to send to the server device a retransmission of the same TCP segment that was previously sent out by was not acknowledged. The TCP segment to be sent the second time to the server device is to contain TCP payload identical to that of the TCP segment previously sent but not acknowledged. To support such retransmission requirements in accordance with the TCP protocol, the proxy device stores a copy of all outgoing TCP payload. If the proxy device receives a TCP segment retransmit from the client device, then the proxy device can identify the corresponding outgoing TCP payload, and send a reconstructed TCP segment in a new frame out to the server device. The encrypted SSL payload carried in the reconstructed frame will be identical to the frame not received by the server device, even though the states of the decrypt and encrypt engines of the SSL layer in the proxy device have moved on in their sequences and are no longer in the correct states to regenerate the SSL encrypted content of the retransmit frame.