So much for checking the preview...
Trying to access a service behind a firewall that uses http proxies.
Q: Anyone have experience, or reference to a working example, of using
IO::Socket::* to connect with this soft of a HTTP->HTTPS tunnel proxy?
RHEL6 for system lib's yes, 6.
Curl to the site shows something like (hostnames & IP's modified):
curl --verbose 'https://foo.bar.net/bim/bam'
* Trying 10.10.10.10... * Connected to 10.10.10.10 (10.10.10.10) port 80 (#0)
* Establish HTTP proxy tunnel to foo.bar.net:443
> CONNECT foo.bar.net:443 HTTP/1.1
> Host: foo.bar.net:443 > User-Agent: curl/7.44.0
> Proxy-Connection: Keep-Alive
< HTTP/1.1 503 Service Unavailable
< Cache-Control: no-cache
< X-XSS-Protection: 1
< Connection: close
< Content-Type: text/html; charset=utf-8
< Content-Length: 750
< Pragma: no-cache
< Set-Cookie: frobnicate; path=/; Httponly
< * Received HTTP code 503 from proxy after CONNECT
* Closing connection 0 curl: (56) Received HTTP code 503 from proxy after CONNECT
Looking at the tunnel portion I've tried several approaches shown in IO::Socket::SSL:
Under "Talk Plain and SSL With The Same Socket" alternatives are turning a stock INET
socket into an SSL:
my $sock = IO::Socket::INET->new(...) or die $!;
IO::Socket::SSL->start_SSL($sock,%sslargs) or die $SSL_ERROR;
$sock->stop_SSL or die $SSL_ERROR;
Or starting the connection without SSL and going from there:
my $sock = IO::Socket::SSL->new( PeerAddr => ... SSL_startHandshake => 0, %sslargs ) or die $!;
Both of these get me "connection reset by peer", maybe because the HTTP portion of
the connection doesn't like the switchover to SSL.
my $sock = IO::Socket::INET->new( %http_argz );
IO::Socket::SSL->start_SSL ( $sock , %https_argz );
print $sock "GET / HTTP/1.0\r\n\r\n";
Leaves me with a sigpipe.