Hi, On Ubuntu 20.04, I run Tor which listens on 127.0.0.1:9050. The curl testings for using Tor's socks5 proxy are done as following:
werner@X10DAi-01:~$ curl -vI -x socks5://127.0.0.1:9050 https://www.google.com * Trying 127.0.0.1:9050... * TCP_NODELAY set * SOCKS5 communication to www.google.com:443 * SOCKS5 connect to IPv4 216.58.200.36:443 (locally resolved) * SOCKS5 request granted. * Connected to 127.0.0.1 (127.0.0.1) port 9050 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, CERT verify (15): * TLSv1.3 (IN), TLS handshake, Finished (20): * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.3 (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use h2 * Server certificate: * subject: C=US; ST=California; L=Mountain View; O=Google LLC; CN=www.google.com * start date: Aug 19 14:21:15 2020 GMT * expire date: Nov 11 14:21:15 2020 GMT * subjectAltName: host "www.google.com" matched cert's "www.google.com" * issuer: C=US; O=Google Trust Services; CN=GTS CA 1O1 * SSL certificate verify ok. * Using HTTP2, server supports multi-use * Connection state changed (HTTP/2 confirmed) * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 * Using Stream ID: 1 (easy handle 0x5630d1c10db0) > HEAD / HTTP/2 > Host: www.google.com > user-agent: curl/7.68.0 > accept: */* > * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): * old SSL session ID is stale, removing * Connection state changed (MAX_CONCURRENT_STREAMS == 100)! < HTTP/2 200 HTTP/2 200 < content-type: text/html; charset=ISO-8859-1 content-type: text/html; charset=ISO-8859-1 < p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." < date: Fri, 04 Sep 2020 22:12:42 GMT date: Fri, 04 Sep 2020 22:12:42 GMT < server: gws server: gws < x-xss-protection: 0 x-xss-protection: 0 < x-frame-options: SAMEORIGIN x-frame-options: SAMEORIGIN < expires: Fri, 04 Sep 2020 22:12:42 GMT expires: Fri, 04 Sep 2020 22:12:42 GMT < cache-control: private cache-control: private < set-cookie: 1P_JAR=2020-09-04-22; expires=Sun, 04-Oct-2020 22:12:42 GMT; path=/; domain=.google.com; Secure set-cookie: 1P_JAR=2020-09-04-22; expires=Sun, 04-Oct-2020 22:12:42 GMT; path=/; domain=.google.com; Secure < set-cookie: NID=204=UbMGogVaUh-hNlUPMbH5WCaVZ5RdpWufhjZCFsKHjFfFyayy7f2ZRadtUur_dT35wye9_dAb3xW9fsuHFWFRRn7mxHcEucMuS7RRlEQq0KQ9igHmZr6eAGbYY4-fL56ZULdkSiSBPyWvSXPV_T8Hi9dR0iLT7LWTlhVvSpP9eo8; expires=Sat, 06-Mar-2021 22:12:42 GMT; path=/; domain=.google.com; HttpOnly set-cookie: NID=204=UbMGogVaUh-hNlUPMbH5WCaVZ5RdpWufhjZCFsKHjFfFyayy7f2ZRadtUur_dT35wye9_dAb3xW9fsuHFWFRRn7mxHcEucMuS7RRlEQq0KQ9igHmZr6eAGbYY4-fL56ZULdkSiSBPyWvSXPV_T8Hi9dR0iLT7LWTlhVvSpP9eo8; expires=Sat, 06-Mar-2021 22:12:42 GMT; path=/; domain=.google.com; HttpOnly < alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" < * Connection #0 to host 127.0.0.1 left intact werner@X10DAi-01:~$ curl -vI -x socks5://127.0.0.1:9050 https://www.baidu.com * Trying 127.0.0.1:9050... * TCP_NODELAY set * SOCKS5 communication to www.baidu.com:443 * SOCKS5 connect to IPv4 220.181.38.149:443 (locally resolved) ^C As you can see, the connection to google succeed while fail for connection to baidu. Any hints for this problem? Regards, -- Hongyi Zhao <hongyi.z...@gmail.com> ------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
