Implement web proxy functionality for client services

- Added support for proxying requests to CLIENT_NAME.dominio - Implemented service type detection (web, http, https) with priority ordering - Added tunnel establishment and management for client services - Implemented HTTPS support with invalid certificate acceptance - Added tunnel reuse and timeout management (5 minutes) - Added SSL connection functions for HTTPS tunneling - Fixed build issues and updated dependencies

Implement web proxy functionality for client services
- Added support for proxying requests to CLIENT_NAME.dominio - Implemented service type detection (web, http, https) with priority ordering - Added tunnel establishment and management for client services - Implemented HTTPS support with invalid certificate acceptance - Added tunnel reuse and timeout management (5 minutes) - Added SSL connection functions for HTTPS tunneling - Fixed build issues and updated dependencies
809e083a · Stefy Lanza (nextime / spora ) · 153b6344 · 809e083a · 809e083a · 809e083a
Commit 809e083a authored Jan 16, 2026 by Stefy Lanza (nextime / spora )
7 changed files
--- a/wssshd2/novnc_asset_map.c
+++ b/wssshd2/novnc_asset_map.c
--- a/wssshd2/novnc_assets.h
+++ b/wssshd2/novnc_assets.h
@@ -18,8 +18,8 @@
 #include "html_pages/novnc_input_fixedkeys_js_page.h"
 #include "html_pages/novnc_input_gesturehandler_js_page.h"
 #include "html_pages/novnc_input_keyboard_js_page.h"
-#include "html_pages/novnc_input_keysymdef_js_page.h"
 #include "html_pages/novnc_input_keysym_js_page.h"
+#include "html_pages/novnc_input_keysymdef_js_page.h"
 #include "html_pages/novnc_input_util_js_page.h"
 #include "html_pages/novnc_input_vkeys_js_page.h"
 #include "html_pages/novnc_input_xtscancodes_js_page.h"

--- a/wssshd2/rdp_asset_map.c
+++ b/wssshd2/rdp_asset_map.c
--- a/wssshd2/rdp_assets.h
+++ b/wssshd2/rdp_assets.h
@@ -3,8 +3,8 @@
 #include "html_pages/rdp_clipboard_js_page.h"
 #include "html_pages/rdp_mstsc_js_page.h"
 #include "html_pages/rdp_out_stream_js_page.h"
-#include "html_pages/rdp_rdp_graphics_js_page.h"
 #include "html_pages/rdp_rdp_wasm_js_page.h"
+#include "html_pages/rdp_rdp_graphics_js_page.h"
 #include "html_pages/rdp_reversed_layouts_js_page.h"
 #include "html_pages/rdp_scancodes_js_page.h"
 #include "html_pages/rdp_rdp_wasm_page.h"

--- a/wssshd2/ssl.c
+++ b/wssshd2/ssl.c
@@ -21,6 +21,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <openssl/err.h>
 #include "ssl.h"
 SSL_CTX *ssl_create_context(void) {
@@ -43,6 +44,46 @@ SSL_CTX *ssl_create_context(void) {
    return ctx;
 }
+SSL_CTX *create_ssl_context(void) {
+    SSL_CTX *ssl_ctx;
+    // Initialize SSL
+    SSL_library_init();
+    OpenSSL_add_all_algorithms();
+    SSL_load_error_strings();
+    ssl_ctx = SSL_CTX_new(TLS_client_method());
+    if (!ssl_ctx) {
+        ERR_print_errors_fp(stderr);
+        return NULL;
+    }
+    // Allow self-signed certificates
+    SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, NULL);
+    return ssl_ctx;
+}
+SSL *create_ssl_connection(SSL_CTX *ssl_ctx, int sock, int debug) {
+    SSL *ssl = SSL_new(ssl_ctx);
+    SSL_set_fd(ssl, sock);
+    if (debug) {
+        fprintf(stderr, "[DEBUG] Establishing SSL connection...\n");
+    }
+    if (SSL_connect(ssl) <= 0) {
+        ERR_print_errors_fp(stderr);
+        fprintf(stderr, "SSL connection failed\n");
+        SSL_free(ssl);
+        return NULL;
+    }
+    if (debug) {
+        fprintf(stderr, "[DEBUG] SSL connection established\n");
+    }
+    return ssl;
+}
 void ssl_cleanup(void) {
    EVP_cleanup();
 }

--- a/wssshd2/ssl.h
+++ b/wssshd2/ssl.h
@@ -31,4 +31,8 @@ void ssl_cleanup(void);
 int ssl_load_certificates(SSL_CTX *ctx, const char *cert_file, const char *key_file);
 int ssl_generate_self_signed_cert(const char *cert_file, const char *key_file);
+// Client SSL functions (for web proxy)
+SSL_CTX *create_ssl_context(void);
+SSL *create_ssl_connection(SSL_CTX *ssl_ctx, int sock, int debug);
 #endif /* SSL_H */
\ No newline at end of file
--- a/wssshd2/web_proxy.c
+++ b/wssshd2/web_proxy.c