cURL / Mailing Lists / curl-library / Single Mail

curl-library

Libcurl fails to work with server configured by SSL through forward proxy with NTLM authentication

From: Dmitry Danilov <issue.report.libcurl_at_gmail.com>
Date: Wed, 5 Dec 2012 15:04:32 +0200

Hi all,

My C++ application is using libcurl 7.28.0 for communication with server.

libcurl cannot handle response from server and fails with error: �Operation
timed out after 100012 milliseconds with 7 out of 7 bytes received� when it
is connected through forward proxy with NTLM authentication to server
configured by SSL.

When it is connected w/o SSL it works with server successfully.

We have forced HTTP 1.0 according to some of posts we have read but it is
works only partially. We do want to use HTTP 1.1. I have tried 2 different
types of Proxies (see below) without any success. I need to mention that
Basic authentication works does work.
Please review attached libcurl_bug_report_log.log

My Questions:

1. Is there any known issue when connecting through forward proxy with
NTLM authentication to server configured by SSL?

2. According to the data below � is there anything we need to change in
the communication configuration?

Thanks,

Dmitriy

Details:

OS: win7/2003

C++, MSVS 2005

Proxy server: squid/2.7.STABLE5, Microsoft ISA 2006, Microsoft Forefront
TMG 2010

libcurl info:

version: 7.28.0

supported features:

SSL (HTTPS/FTPS) :ssl version: OpenSSL/1.0.0c

HTTP NTLM, asynchronous dns resolves, files bigger than 2GB.

supported protocols:

dict, file, ftp, ftps, gopher, http, https, imap, imaps, ldap, pop3, pop3s,
rtsp, smtp, smtps, telnet, tftp

Libcurl options:

curl_easy_setopt(hnd, CURLOPT_URL, <server url>);

curl_easy_setopt(hnd, CURLOPT_PROXY, <proxy url>);

curl_easy_setopt(hnd, CURLOPT_PROXYUSERPWD, "domain\\user:password");

curl_easy_setopt(hnd, CURLOPT_PROXYAUTH, (long)CURLAUTH_NTLM);

curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "text-data");

curl_easy_setopt(hnd, CURLOPT_POSTFIELDSIZE_LARGE, (curl_off_t)64d);

curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);

curl_easy_setopt(hnd, CURLOPT_CAINFO, "C:\\path to *.pem");

curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 1L);
curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

text/plain attachment: libcurl_bug_report_log.txt

Received on 2012-12-05

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: PUT With Digest Auth-> CURLOPT_READFUNCTION callback did not get called"
Previous message: Tor Arntsen: "Re: RedHat Linux libcurl 7.28.1 gcc compiler error log file"
Next in thread: Daniel Stenberg: "Re: Libcurl fails to work with server configured by SSL through forward proxy with NTLM authentication"
Reply: Daniel Stenberg: "Re: Libcurl fails to work with server configured by SSL through forward proxy with NTLM authentication"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]