martian icon indicating copy to clipboard operation
martian copied to clipboard

Published 20 hours ago verified publisher icon google

Proxying via curl fails when specifying --key

Open odg0318 opened this issue 5 years ago • 2 comments

I am trying to setup http(s) proxy server using martian.

I generated key/certificate files and tried to run a proxy in cmd using the following command.

./proxy -addr=:8080 -tls-addr=:8081 -api-addr=:9090 -api=localhost -cert=ca.crt -key=ca.key -har -v=2

I will show a history I tried. Please tell me how to configure or what was wrong.

Connecting to http://google.com:80 using curl.

It worked fine.

curl command

$ http_proxy=localhost:8080 https_proxy=localhost:8081 curl -p http://google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>

martin log

2019/04/08 15:55:53 INFO:
--------------------------------------------------------------------------------
Request to http://google.com:80
--------------------------------------------------------------------------------
CONNECT http://google.com:80 HTTP/1.1
Host: google.com:80
Content-Length: 0
User-Agent: curl/7.54.0
Via: 1.1 martian-006e5d3bdb04c9a1b2f8
X-Forwarded-For: ::1
X-Forwarded-Host: google.com:80
X-Forwarded-Proto: http
X-Forwarded-Url: http://google.com:80

Connecting to https://google.com:443 using curl

It didn't work fine.

curl command

$ http_proxy=localhost:8080 https_proxy=localhost:8081 curl -p https://google.com
curl: (56) Proxy CONNECT aborted

martin log

2019/04/08 15:58:30 ERROR: martian: failed to read request: tls: oversized record received with length 20037

Connecting to https://google.com:443 using Chrome

It didn't work fine.

Chrome result

ERR_PROXY_CONNECTION_FAILED

martin log

2019/04/08 15:59:10 ERROR: martian: failed to read request: mitm: SNI not provided, failed to build certificate

odg0318 avatar Apr 08 '19 07:04 odg0318

Looks like you're not telling curl about the tls key with the --key flag.

https://curl.haxx.se/docs/manpage.html#--key

On Mon, Apr 8, 2019, 12:04 AM Guri [email protected] wrote:

I am trying to setup http(s) proxy server using martian.

I generated key/certificate files and tried to run a proxy in cmd using the following command.

./proxy -addr=:8080 -tls-addr=:8081 -api-addr=:9090 -api=localhost -cert=ca.crt -key=ca.key -har -v=2

I will show a history I tried. Please tell me how to configure or what was wrong. Connecting to http://google.com:80 using curl.

It worked fine. curl command

$ http_proxy=localhost:8080 https_proxy=localhost:8081 curl -p http://google.com

301 Moved

301 Moved

The document has moved here.

martin log

2019/04/08 15:55:53 INFO:

Request to http://google.com:80

CONNECT http://google.com:80 HTTP/1.1 Host: google.com:80 Content-Length: 0 User-Agent: curl/7.54.0 Via: 1.1 martian-006e5d3bdb04c9a1b2f8 X-Forwarded-For: ::1 X-Forwarded-Host: google.com:80 X-Forwarded-Proto: http X-Forwarded-Url: http://google.com:80

Connecting to https://google.com:443 using curl

It didn't work fine. curl command

$ http_proxy=localhost:8080 https_proxy=localhost:8081 curl -p https://google.com curl: (56) Proxy CONNECT aborted

martin log

2019/04/08 15:58:30 ERROR: martian: failed to read request: tls: oversized record received with length 20037

Connecting to https://google.com:4443 using Chrome

It didn't work fine. Chrome result

ERR_PROXY_CONNECTION_FAILED

martin log

2019/04/08 15:59:10 ERROR: martian: failed to read request: mitm: SNI not provided, failed to build certificate

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/google/martian/issues/287, or mute the thread https://github.com/notifications/unsubscribe-auth/AADI-eg9mBMJUyGdZyP5DF2hwd-0kxmYks5veuoXgaJpZM4chcpz .

bramhaghosh avatar Apr 08 '19 16:04 bramhaghosh

@bramhaghosh

I tried with --key flag.

$ http_proxy=localhost:8080 https_proxy=localhost:8081 curl --key ca.key https://ipinfo.io
curl: (56) Proxy CONNECT aborted

2019/04/09 10:38:51 DEBUG: martian: accepted connection from [::1]:63363
2019/04/09 10:38:51 DEBUG: martian: waiting for request: [::1]:63363
2019/04/09 10:38:51 ERROR: martian: failed to read request: tls: oversized record received with length 20037
2019/04/09 10:38:51 DEBUG: martian: closing connection: [::1]:63363

odg0318 avatar Apr 09 '19 01:04 odg0318