Proxy Option
Closed this issue · 1 comments
drwetter commented
Hi Peter,
maybe it's time to backport the proxy option from 1.1. The current apps/s_client.c
does a CONNECT <H:P> HTTP/0.9. Newer openssl versions (1.1) seems to use 1.0:
OLD (from apps/s_client.c
)
if (http_proxy_str) {
int foundit=0;
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
BIO_printf(fbio,"CONNECT %s\r\n\r\n", connect_str);
(void)BIO_flush(fbio);
/* wait for multi-line response to end CONNECT response */
do
New:
BIO_push(fbio, sbio);
BIO_printf(fbio, "CONNECT %s HTTP/1.0\r\n\r\n", connectstr);
(void)BIO_flush(fbio);
/*
* The first line is the HTTP response. According to RFC 7230,
* it's formated exactly like this:
*
* HTTP/d.d ddd Reason text\r\n
*/
In one environment I have an outbound squid proxy which doesn't seem to accept 0.9. See also drwetter/testssl.sh#741 and drwetter/testssl.sh#739 .
It probably boils down to just add HTTP/1.0
... Would you like a PR or would you do it yourself?
Cheers!
Dirk