Hi , we are trying to add tls support to socks proxy with Curl as part of that we are trying to complete initial TLS handshake. we are trying to run openssl s_server on loopback interface to verify changes we tried two methods both are resulting in fatal error alert from server.
Method 1 - use existing api's used for http proxy but remove any conditions specific for HTTPS proxy.(wireshark: lo_sslversion.pcap) - SSL upgrade of existing socket using curl API’s curl_ssl_connect_nonblocking and curl_ssl_init_proxy for TLS handshake - Fatal alert: protocol version Method 2- use new SSL context init and add certificates/key manually, do simple ssl_connect on sockfd (wireshark: inverse_server_client_l0.pcap) - SSL_set_fd(ssl, sockfd) and SSL_connect(ssl) are used. - Fatal alert illegal parameter. Commands used: server: openssl s_server --accept 1080 -cert certificate1.pem -key key1.pem client: curl -v -g -k --proxy socks5://127.0.0.1:1080 https://www.google.com could you please help understand this error? -- thanks, Anand.S
lo_sslversion.pcap
Description: Binary data
inverse_server_client_l0.pcap
Description: Binary data