Re: TLS handshake failures on socks proxy
Date: Wed, 15 Apr 2020 17:26:13 -0700
Hi ,
Yes , technically but we need specific requirement to support TLS only for
initial negotiations and then bring down TLS tunnel.
we tried stunnel as well we seem to get empty response from server after
initial negiotiations curl: (52) Empty reply from server.
Hence if we are able to handshake via curl that might be better.
On Wed, Apr 15, 2020 at 2:28 PM Daniel Stenberg <daniel_at_haxx.se> wrote:
> On Wed, 15 Apr 2020, Anand Sridharan wrote:
>
> > we would need TLS for initial negotiations only then data transfer to
> happen
> > with normal raw socket , hence stunnel may not totally help us.
>
> This statement puzzled me so I need to ask. When you use a SOCKS proxy
> there's
> just that single connection to the world (for a single transfer), the one
> to
> the proxy. The one you add TLS to. That means that after the handshake,
> the
> initial negotiations, the data flow that comes to and from that proxy will
> be
> TLS-encrypted. Right? Because if not, what's the point with doing a TLS
> handhake if there's then going to be data flying that is not TLS protected?
>
> (If you then transfer HTTPS over that connection, you'll get HTTPS within
> a
> TLS encrypted tunnel...)
>
> --
>
> / daniel.haxx.se | Commercial curl support up to 24x7 is available!
> | Private help, bug fixes, support, ports, new features
> | https://www.wolfssl.com/contact/
>
-- thanks, Anand.S
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-04-16