curl / Mailing Lists / curl-library / Single Mail

curl-library

About IP resolve problem when using HTTP proxy

From: Lessandro Mariano <lessandro_at_gmail.com>
Date: Wed, 28 Feb 2018 18:04:29 +0100

Hello,

I'd like to resurrect an old thread regarding CURLOPT_RESOLVE and proxies.

> On Fri, 14 Jun 2013, Jin wrote:
> > So I'm using IP resolve option(CURLOPT_RESOLVE) when downloading file from
> > individual servers.
> >
> > But when I'm going to use HTTP proxy, it doesn't resolve IP address
> > correctly.
> Correct. When you're using a HTTP proxy and pass on a host name based URL, you
> leave it to the proxy to resolve the host name to IP address and the client
> can't affect that in any way. libcurl doesn't do the name => IP translation
> for this case (which you can possibly argue that it should when
> CURLOPT_RESOLVE has been used for the host name),
> If you want to speak to a specific IP address over a HTTP proxy, you need to
> use that IP address in the URL - and then set the correct host name in the
> Host: header.

I'm using CURLOPT_RESOLVE to provide a hostname for common name
validation while connecting to local IPs via HTTPS (e.g. I want to
connect to https://192.168.1.100/ and expect/validate the common name
"abcdef123456").

This works fine, except when I setup a proxy, because CURL will send a
CONNECT abcdef123456:443 HTTP/1.1 to the proxy, which obviously can't
resolve that hostname.

CURL: Added abcdef123456:443:192.168.1.100 to DNS cache
CURL: Hostname 192.168.1.200 was found in DNS cache
CURL: Trying 192.168.1.200...
CURL: TCP_NODELAY set
CURL: Connected to 192.168.1.200 (192.168.1.200) port 10000 (#6)
CURL: allocate connect buffer!
CURL: Establish HTTP proxy tunnel to abcdef123456:443
CURL > CONNECT abcdef123456:443 HTTP/1.1
Host: abcdef123456:443
Proxy-Connection: Keep-Alive

CURL < HTTP/1.1 502 Fiddler - DNS Lookup Failed

I would expect CURL to send a CONNECT 192.168.1.100:443 to the proxy instead.

If this is per design, is there an alternative way to have libcurl
connect to an IP-only HTTPS endpoint through a proxy?

--
Lessandro
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2018-02-28