Hi Curl lib support,

We are trying to add TLS support to the SOCKS proxy; as part of that, we are
trying to complete the initial TLS handshake.

We are trying to run openssl s_server on the loopback interface to verify the
changes.

We tried two methods; both result in a fatal error alert from the server.

Method 1 - use the existing APIs used for the HTTP proxy, but remove any
conditions specific to the HTTPS proxy (wireshark: lo_sslversion.pcap)

   - SSL upgrade of the existing socket using curl APIs
   curl_ssl_connect_nonblocking and curl_ssl_init_proxy for the TLS handshake
   - Fatal alert: protocol version

Method 2 - use a new SSL context init and add the certificates/key manually,
then do a simple ssl_connect on sockfd (wireshark: inverse_server_client_l0.pcap)

   - SSL_set_fd(ssl, sockfd) and SSL_connect(ssl) are used.
   - Fatal alert: illegal parameter.

Commands used:
server: openssl s_server --accept 1080 -cert certificate1.pem -key key1.pem
client: curl -v -g -k --proxy socks5://127.0.0.1:1080 https://www.google.com

thanks,

Anand.S

Attachment: lo_sslversion.pcap
Description: Binary data

Attachment: inverse_server_client_l0.pcap
Description: Binary data
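
The two alerts named in the message above arrive on the wire as 7-byte plaintext TLS alert records (5-byte record header, then level and description). The decoder below is an added example, not part of the original post or of curl; the struct, function names and sample byte arrays are constructed for illustration and are not taken from the attached captures.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample records (assumption: NOT bytes from the attached pcaps). */
const uint8_t SAMPLE_PROTOCOL_VERSION[]  = {0x15, 0x03, 0x03, 0x00, 0x02, 0x02, 0x46};
const uint8_t SAMPLE_ILLEGAL_PARAMETER[] = {0x15, 0x03, 0x03, 0x00, 0x02, 0x02, 0x2f};

struct tls_alert {
    uint16_t record_version; /* legacy version from the record header */
    int fatal;               /* 1 = fatal (level 2), 0 = warning (level 1) */
    uint8_t description;     /* raw AlertDescription code */
    const char *name;        /* symbolic name, or "other" */
};

static const char *alert_name(uint8_t code)
{
    switch (code) {
    case 10: return "unexpected_message";
    case 40: return "handshake_failure";
    case 47: return "illegal_parameter";
    case 70: return "protocol_version";
    default: return "other";
    }
}

/* Parse one plaintext TLS alert record; returns 0 on success, -1 otherwise. */
int parse_tls_alert(const uint8_t *buf, size_t len, struct tls_alert *out)
{
    if (len < 7 || buf[0] != 21 || buf[1] != 3)   /* 21 = ContentType alert */
        return -1;
    if ((((size_t)buf[3] << 8) | buf[4]) != 2)    /* plaintext alert body is 2 bytes */
        return -1;
    if (buf[5] != 1 && buf[5] != 2)               /* AlertLevel: warning or fatal */
        return -1;
    out->record_version = (uint16_t)((buf[1] << 8) | buf[2]);
    out->fatal = (buf[5] == 2);
    out->description = buf[6];
    out->name = alert_name(buf[6]);
    return 0;
}

int main(void)
{
    struct tls_alert a;
    if (parse_tls_alert(SAMPLE_PROTOCOL_VERSION, sizeof SAMPLE_PROTOCOL_VERSION, &a) == 0)
        printf("%s alert %u (%s)\n", a.fatal ? "fatal" : "warning", a.description, a.name);
    return 0;
}
```

Alerts sent after the handshake keys are in place are encrypted and will not match this plaintext layout.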

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
