You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Setting up a proxy will cause CURLOPT_RESOLVE to be ignored.
This is especially problematic if you are relying on CURLOPT_RESOLVE to provide a host name for SNI or common name validation for a server without a reachable domain name.
For example, I want to connect to a server at https://192.168.1.100 and expect the common name "abcdef123456". This works fine with CURLOPT_RESOLVE -- adding abcdef123456:443:192.168.1.100 to the resolve list, and connecting to https://abcdef123456/, however when a proxy is set, curl sends a CONNECT abcdef123456:443 to the proxy, which will not work.
CURL: Added abcdef123456:443:192.168.1.100 to DNS cache
CURL: Hostname 192.168.1.200 was found in DNS cache
CURL: Trying 192.168.1.200...
CURL: TCP_NODELAY set
CURL: Connected to 192.168.1.200 (192.168.1.200) port 10000 (#6)
CURL: allocate connect buffer!
CURL: Establish HTTP proxy tunnel to abcdef123456:443
CURL > CONNECT abcdef123456:443 HTTP/1.1
Host: abcdef123456:443
Proxy-Connection: Keep-Alive
CURL < HTTP/1.1 502 Fiddler - DNS Lookup Failed
I expect curl to send a CONNECT 192.168.1.100:443 to the proxy instead.
The text was updated successfully, but these errors were encountered:
I can understand what you wanted to happen here, but when curl uses a HTTP proxy it doesn't try to resolve any name (that would even risk leaking that information to local servers) but will send the name as-is to the proxy. CURLOPT_RESOLVE shortcuts name resolving, but since it isn't done for HTTP proxies it has no effect when that's used. Thus, this is actually working as intended!
Setting up a proxy will cause CURLOPT_RESOLVE to be ignored.
This is especially problematic if you are relying on CURLOPT_RESOLVE to provide a host name for SNI or common name validation for a server without a reachable domain name.
For example, I want to connect to a server at https://192.168.1.100 and expect the common name "abcdef123456". This works fine with CURLOPT_RESOLVE -- adding
abcdef123456:443:192.168.1.100
to the resolve list, and connecting tohttps://abcdef123456/
, however when a proxy is set, curl sends aCONNECT abcdef123456:443
to the proxy, which will not work.I expect curl to send a
CONNECT 192.168.1.100:443
to the proxy instead.The text was updated successfully, but these errors were encountered: