Other Aqua Proxy: Fix connection issues on OS X 10.6 – 10.9.

[maverick28]

The only reason the flags exist is because I personally needed them while developing AquaProxy.

I know. Can I still have it too?

BTW, the IMAP trick didn't work on Outlook, regardless of whether it was used for localhost or the default server setup.

 

[maverick28]

A couple of notes on "Notes" as the pattern has more or less taken final shape: in my case, it's added only on the account creation and seems OK at first. However, the System Preferences deselects the service later on. It happens because it treats me as "unauthorized".

Req: POST /setup/login_or_create_account HTTP/1.1

Resp: HTTP/1.1 401 Unauthorized

And in the "Authentication" tab of the Charles Requests Inspector, it displays my app-generated password. Several posts earlier, DurltazorOSXPower had a similar problem: an app-specific pwd is rejected. Go figure. Could the root cause be similar as well?

 

[Wowfunhappy]

BTW, the IMAP trick didn't work on Outlook, regardless of whether it was used for localhost or the default server setup.

Are you using IMAP or Exchange with Outlook? Exchange is different protocol, it should go through AquaProxy without doing anything special (it's HTTP traffic), but it may still not work with Apple Mail for reasons unrelated to https support. You might try something like https://davmail.sourceforge.net/, but disclaimer, I have not used it.

Could the root cause be similar as well?

No, the root cause of his problem was that SMTP (sending mail) was broken in Snow Leopard. I'd tested receiving Mail in 10.6 and sending mail in other operating systems, but not the combination of Snow Leopard + sending mail. My mistake.

I know. Can I still have it too?

I don't really understand what you're asking for. --log-urls should log to the console and --force-mitm should mitm all traffic. But if it doesn't for some reason—well, I don't test the flags extensively in every possible configuration like I do other features, they're intended for debugging. If there's anything else you want to see, all my source code, build scripts, etc is on Github.

 

[maverick28]

I'm writing from Lion. This is what howsmyssl reported when I loaded it in Safari 5.

Safari feels a bit sluggish, indeed. Session Ticket support "improvable".


Apple Mail (10.7.5). I can't set up an iCloud Mail account here, it says "The IMAP server is not responding". I managed to add it in offline mode, but it failed to connect. The Little Snitch Network Monitor shows only Aqua-HTTPS running, no Aqua-IMAP.

I checked the certs. All are installed and trusted; however, I have two copies of DigiCert Global Root G2 and DigiCert Global Root G3 (one copy of each cert is under "System", and the other under "System Roots").

launchctl list | grep -i aquaproxy

-->
-     0    Wowfunhappy.AquaProxy.SyncProxiesWithShell.plist
-     0    Wowfunhappy.AquaProxy.Restarter
269    -    Wowfunhappy.AquaProxy.IMAP
270    -    Wowfunhappy.AquaProxy.HTTP

Console:

Update. Alarm call-off. It finally added, but in Lion, the process isn't seamless and straightforward, so much so that the ambiguity caused by it is quite dramatic. The hardest was adding the first IMAP account. The IMAP proxy kicked into action one hour after I set my iCloud account. I had never touched server settings, so the fact that Apple was slow-witted enough to hide the port field in the server configuration window of Lion's Mail until the setup is complete only stirred my confusion. It takes some time for the inner workings to sort out, and then everything goes swimmingly.

 

[maverick28]

iTunes store works again too, after reinstalling the proxy. i added these lines, as per a reddit post, and the hotmail one fixes MSN 3.0 iirc.


76.217.61.232 phobos.apple.com

76.217.61.232 init.itunes.apple.com
76.217.61.232 ax.init.itunes.apple.com

I added these lines to my hosts file, but now the iTunes Store connects forever and then aborts with a timeout alert. I suspect it's because it tries to connect on port 80, while the correct one is 443 it phones a missing link.

 

[GalacticStag]

odd, mine complains about an unsafe connection, but then i click accept and the store works! might depend on your version though. im on 9.2.1

I added these lines to my hosts file, but now the iTunes Store connects forever and then aborts with a timeout alert. I suspect it's because it tries to connect on port 80, while the correct one is 443.

 

[maverick28]

Then it changes the perspective: every macOS is tethered to its specific realm of IPs in the AppleNet. I don't need port forwarding for the Store to load, but this annoying security prompt will pore my eyes out over it.

 

[DurltazorOSXPower]

Ok, it seems to be working now, for whatever reason. VERY weird that yesterday it didn't work. I uninstalled LMP (legacy mac proxy) through the aqua uninstaller, didn't uninstall the certs, and then installed aqua proxy. Everything seems to work now! And btw, i did restart my computer yesterday when it initially didn't work. So for it to work now is quite strange, i have to say.


iTunes store works again too, after reinstalling the proxy. i added these lines, as per a reddit post, and the hotmail one fixes MSN 3.0 iirc.


76.217.61.232 phobos.apple.com

76.217.61.232 init.itunes.apple.com
76.217.61.232 ax.init.itunes.apple.com
143.198.4.104 messenger.hotmail.com

Anyways, NOW that everything seems to work, thank you for making this, and apologies if i gave you a little scare with my initial encounters!

Sorry to ask..but, where did you add these lines so that Snow iTunes works? mine when trying to connect it requests the iTunes update.

 

[maverick28]

You edit a file at /etc/hosts. You should know how to perform basic editing operations in such Unix editors as vim and nano. The latter is easier and more intuitive.

sudo nano /etc/hosts

When you enter the editor, put the lines from above so that they conform to the order of an IP (dotted numeric sequences) followed by a space followed by a domain name (i.e., init.itunes.apple.com). Mind the bottom bar of the editor's window for the cues to the editing commands. Each of them should be enforced by pressing the ⏎Enter key. So, for example, "Write Out" is, if I recall correctly, the key shortcut Ctrl-X Ctrl-W, then Enter, then another one to exit (forgot the shortcut, Ctrl-X perhaps). Done.