
Re: TLS handshake failures on socks proxy

From: Daniel Stenberg via curl-library <curl-library_at_cool.haxx.se>
Date: Wed, 15 Apr 2020 23:28:14 +0200 (CEST)

On Wed, 15 Apr 2020, Anand Sridharan wrote:

> we would need TLS for initial negotiations only then data transfer to happen
> with normal raw socket, hence stunnel may not totally help us.

This statement puzzled me so I need to ask. When you use a SOCKS proxy there's
just that single connection to the world (for a single transfer), the one to
the proxy. The one you add TLS to. That means that after the handshake, the
initial negotiations, the data flow that comes to and from that proxy will be
TLS-encrypted. Right? Because if not, what's the point with doing a TLS
handshake if there's then going to be data flying that is not TLS protected?

(If you then transfer HTTPS over that connection, you'll get HTTPS within a
TLS encrypted tunnel...)

-- 
  / daniel.haxx.se | Commercial curl support up to 24x7 is available!
                   | Private help, bug fixes, support, ports, new features
                   | https://www.wolfssl.com/contact/
Received on 2020-04-15