[jira] [Commented] (TS-274) UA side SSL support in forward proxy

Sun, 19 Jan 2014 07:45:54 -0800 

    [ 
https://issues.apache.org/jira/browse/TS-274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13875886#comment-13875886
 ] 

Bryan Call commented on TS-274:
-------------------------------

test at home:

{code}
[bcall@homer ~]$ curl -v -x localhost:8433 http://www.google.com
* Rebuilt URL to: http://www.google.com/
* Adding handle: conn: 0x1e5ed00
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x1e5ed00) send_pipe: 1, recv_pipe: 0
* About to connect() to proxy localhost port 8433 (#0)
*   Trying ::1...
* Connection refused
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8433 (#0)
> GET http://www.google.com/ HTTP/1.1
> User-Agent: curl/7.32.0
> Host: www.google.com
> Accept: */*
> Proxy-Connection: Keep-Alive
>
{code}

> UA side SSL support in forward proxy
> ------------------------------------
>
>                 Key: TS-274
>                 URL: https://issues.apache.org/jira/browse/TS-274
>             Project: Traffic Server
>          Issue Type: New Feature
>          Components: SSL
>    Affects Versions: 2.1.0, 2.0.0a
>         Environment: Debian, Linux 2.6.18 32-bit
>            Reporter: Marcus Clyne
>            Assignee: Alan M. Carroll
>              Labels: ssl
>             Fix For: sometime
>
>
> Using self-signed SSL certificates, which are in the correct paths under 
> $prefix, and giving no startup errors, I get the following error when making 
> a request through the proxy :
> {code}
> Mar 24 14:35:09 www traffic_server[27926]: {1146895248} ERROR: SSL ERROR: 
> SSL_ServerHandShake.
> Mar 24 14:35:09 www traffic_server[27926]: {1146895248} ERROR: 
> SSL::5:error:1407609B:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy 
> request:s23_srvr.c:384:
> Mar 24 14:36:47 www traffic_server[27926]: {1146895248} ERROR: SSL ERROR: 
> SSL_ServerHandShake.
> Mar 24 14:36:47 www traffic_server[27926]: {1146895248} ERROR: 
> SSL::5:error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http 
> request:s23_srvr.c:379:
> {code}
> The first of these two was from using Proxifier (Windows software) to connect 
> to the server, the second is from using `curl -k -x $ip:443 
> http://google.com/`.
> The issue appears on the latest trunk version and the 2.0.x branch as of 
> today when used in forward proxy mode.
> I have not personally tested in reverse proxy mode, but zwoop (Freenode IRC 
> name) tested in reverse proxy mode, and reverse proxy mode worked only in the 
> 2.0.x but not trunk.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to