Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Curb and proxied SSL connections acting odd #124

Open
jongross opened this issue Jul 11, 2012 · 0 comments
Open

Curb and proxied SSL connections acting odd #124

jongross opened this issue Jul 11, 2012 · 0 comments

Comments

@jongross
Copy link

Thanks for the curb bindings! I haven't looking into it too deeply yet, but I'm attempting to do https over a proxy with the Curb bindings, and I'm getting unexpected results. From the commandline, this works:

jong@analysis: env | grep PROXY
ALL_PROXY=http://outbound-proxy..com:3128
jong@analysis:$ curl --version
curl 7.21.6 (x86_64-pc-linux-gnu) libcurl/7.21.6 OpenSSL/1.0.0e zlib/1.2.3.4 libidn/1.22 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtmp rtsp smtp smtps telnet tftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
jong@analysis:$ curl -c cookies.txt -kv -d 'userid=&passwd=' https://.com/resource/loginAction.jsp

..... .....

User-Agent: curl/7.21.6 (x86_64-pc-linux-gnu) libcurl/7.21.6 OpenSSL/1.0.0e zlib/1.2.3.4 libidn/1.22 librtmp/2.3
Proxy-Connection: Keep-Alive

< HTTP/1.0 200 Connection established
<

  • Proxy replied OK to CONNECT request
  • successfully set certificate verify locations:
  • CAfile: none
    CApath: /etc/ssl/certs
  • SSLv3, TLS handshake, Client hello (1):
  • SSLv3, TLS handshake, Server hello (2):
  • SSLv3, TLS handshake, CERT (11):
  • SSLv3, TLS handshake, Server finished (14):
  • SSLv3, TLS handshake, Client key exchange (16):
  • SSLv3, TLS change cipher, Client hello (1):
  • SSLv3, TLS handshake, Finished (20):
  • SSLv3, TLS change cipher, Client hello (1):
  • SSLv3, TLS handshake, Finished (20):
  • SSL connection using RC4-SHA
  • Server certificate:
  • subject: C=US; ST=Washington; L=Seattle; O=F5 Networks Inc; OU=IT Data Solutions; CN=login.f5.com
  • start date: 2012-04-10 16:36:25 GMT
  • expire date: 2014-08-18 10:43:04 GMT
  • subjectAltName: login.f5.com matched
  • issuer: C=US; O=Entrust, Inc.; OU=www.entrust.net/rpa is incorporated by reference; OU=(c) 2009 Entrust, Inc.; CN=Entrust Certification Authority - L1C
  • SSL certificate verify ok.
    POST /resource/loginAction.jsp HTTP/1.1
    User-Agent: curl/7.21.6 (x86_64-pc-linux-gnu) libcurl/7.21.6 OpenSSL/1.0.0e zlib/1.2.3.4 libidn/1.22 librtmp/2.3

..... ......

But when I try and run the same thing with ruby and curl, I get right to the SSL processing output from the curl libraries, and it seems to get confused. I'm not sure what

Proxy-Connection: Keep-Alive
Accept: /
User-Agent: jonger-rb-uploader/1.0

< HTTP/1.0 200 Connection established
<

  • Proxy replied OK to CONNECT request
  • successfully set certificate verify locations:
  • CAfile: none
    CApath: /etc/ssl/certs

POST /resource/loginAction.jsp HTTP/1.1

In my ruby, I'm setting some headers, and this:

ssl_verify_peer = false
proxy_url =

I appear to be receiving the certificates in the curb::easy object body_str, which doesn't seem right. I haven't dug too far, but wondered if you had any thoughts?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jongross