On Wed, 22 Feb 2017, Tanyaofeng wrote:

> 1.The first one is like this:
> Terminal ---> HTTPS proxy ---> origin server
> IP1 IP2:port2 IP4:port4
>
> I set these options:
> curl_easy_setopt(curl, CURLOPT_URL, "http://IP2:port2/xxx/xx");

The URL should always mention the server's name, which if I understand the
above description is at IP4:port4.

> curl_easy_setopt(curl, CURLOPT_PROXY, "IP2");
> curl_easy_setopt(curl, CURLOPT_PROXYPORT, "port2");

If you want to, you specify it all with the CURLOPT_PROXY alone:

  curl_easy_setopt(curl, CURLOPT_PROXY, "http://username:password@IP2:port2");

> curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP_1_0);

You say HTTPS proxy twice above, but here you specify a HTTP proxy. The
difference is that with a HTTP proxy, curl speaks HTTP to the proxy. With an
HTTPS proxy, curl speaks HTTPS already to the proxy.

> 2.The second one is like this:
> Terminal ---> HTTPS reserve proxy ---> origin server
> IP1 IP3:port3 IP4:port4

This was already explained. A client doesn't know about a reverse proxy,
that's a technicality you hide from the world in the server side. You expose a
URL that has a public name, and if you use a reverse proxy you typically have
*that* using the public name and thus appearing as the server to the world.

The "actual" server is then hidden from the public. You can't reach it, unless
you know that the reverse proxy somehow exposes it using some trick.

So in this case you don't configure a proxy at all, you just use the correct
URL that identifies the server (which might be the reverse proxy).

> Now, my question is how I can visit the service on origin server in scenario
> 2 and 3?

You typically can't.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html