Gazelle Proxy 6.0.0
Submitted by abergeGazelle Proxy is under renovation. We firstly focused on the backend and more particularly on the management of the channels and forwarding of messages. That is to say that Gazelle Proxy 6.0.0 comes with a brandnew technology stack for those two features. Although it does not change deeply the use of the tool, changes have been performed and are listed below.
Support of TLS 1.3
The tool administrator can now enable the support of TLSv1.3. The following cipher suites are available:
- TLS_AES_256_GCM_SHA384
- TLS_AES_128_GCM_SHA256
- TLS_CHACHA20_POLY1305_SHA256
The configuration is performed from Administration > Secured channel management
HTTP Rewrite
Gazelle Proxy is now able to rewrite part of the HTTP Header so servers can properly route the received messages based on the Host header present in the message.
By default, the Host header is not modified so it is sent to the server with the hostname of the Gazelle Proxy. When the "HTTP Rewrite" option is activated on a channel, the Gazelle Proxy changes the HTTP header before forwarding the message to its final destination. The Gazelle Proxy stores ONLY the modified message and inform the user that this is not the original message it received.
Changes in Gazelle Proxy
When the tool administrator creates a new HTTP channel, he can choose to enable the HTTP rewrite option.
Changes in Gazelle Test Management
When the Proxy is enabled, you are allowed to ask the Proxy to rewrite the HTTP header of every message that goes through the channel. For Webservice configuration type, a new checkbox is available when you edit a SUT's network interface configuration entry:
You will see the information whether the option is enabled or not, in the "Details 3" column of the table that gathers all the SUT's network interfaces.
Note that Gazelle now communicates the FQDN in addition to the IP address of each entry.
Support of SNI
For secured channels, the Gazelle Proxy now supports SNI. That's an option that shall be enabled/disabled at channel creation.
Note that SNI option is enabled by default for every secured channel that is opened from Gazelle Test Management.
Channel management (for administrators)
For both SNI and HTTP Rewrite, a label is displayed next to the channel type when the option is enabled.
In addition, for permanent channels, the administrator can choose to make it temporary. It will not stop the channel but the channel will not be restarted in the event when the Proxy is restarted.
New buttons are available:
- Delete all channels: stop and destroy all the channels
- Delete temporary channels: stop and destroy all the channels that are not permanent. The permanent channels remain up and running. It is particularly useful when a testing event ends.
- Synchronize with socket service: Socket service is the new module that is used to manage the channels and forward the messages. When you push this button, the Gazelle Proxy asks the backend to list all the opened channels.
Opening a batch of channels
It is still possible to ask the Gazelle Proxy to open a list of channels at once, but the format exchange has changed in order to improve the way the channels are described. JSON is now used instead of CSV. It is still possible to export the list of channels (as JSON). This new format includes the new options: SNI and HTTP Rewrite.
Handling of errors
The rewrite of the backend allowed us to improve the way the errors are handled and reported to the user. Three error cases are handled by the tool:
- Connection error: The Gazelle Proxy did not manage to send out the message to the receiver because the latter is not listening.
- TLS error: The TLS negociation failed either between the client and the Proxy or between the Proxy and the server. In both cases, the details about the error are displayed when you access the content of the message.
- Decoding error: The Gazelle Proxy encountered an error when trying to decode the message to display it or to extract information from it. The message has been forwarded to its final destination but it might contain errors.