The SSL code is in a shared library (SSLeay.so on my system). I think the
functions we're looking to debug are in SSLeay.xs which is processed
into SSLeay.c in the Crypt::SSLeay code. I suspect the openssl function
SSL_get_error() needs to be called to get the real error code... I have no
idea what makes an xs file work...
The other way to see what is happening, would be check the log files of the
SSL server you're trying to connect to. Especially if you can turn the
debug level up.
Somehow it's been working for me, so it is hard for me to suggest what
to try. I suggest using the GET or HEAD example programs that come with
lwp to test, see the lwp-request man page. Other things I can think of:
Try reinstalling openssl and the Crypt-SSLeay module.
Try getting a tcpdump of the connection, and see if it's sending any extra
headers or anything after the CONNECT, before the negotiation.
The GET example works for me using:
Redhat 6.2
perl 5.6.0
Crypt-SSLeay-0.16
libwww-perl-5.48
URI-1.07
openssl-0.9.5a
My https patch as posted on this list.
I use the following environment settings:
http_proxy=http://gateway:80/
https_proxy=https://gateway:80/
My proxy server is running Apache 1.3.12.
Here's an example command line: (our bad placeholder at work. It's small...)
GET -x https://www.voicebs.com/
Here's the output (stderr and stdout mixed together):
LWP::UserAgent::new: ()
LWP::UserAgent::proxy: https https://gateway:80/
LWP::UserAgent::proxy: ftp http://gateway:80/
LWP::UserAgent::proxy: http http://gateway:80/
LWP::UserAgent::request: ()
LWP::UserAgent::simple_request: GET https://www.voicebs.com/
LWP::UserAgent::_need_proxy: Proxied to https://gateway:80/
LWP::Protocol::https::request: ()
LWP::Protocol::https::request: Trying to CONNECT through the proxy server
LWP::Protocol::http::request: ()
LWP::Protocol::http::request: CONNECT www.voicebs.com:443 HTTP/1.0
LWP::Protocol::http::request: reading response
LWP::Protocol::http::request: HTTP/1.0 200 Connection established
Proxy-agent: Apache/1.3.12 (Unix) (Red Hat/Linux)
LWP::Protocol::http::request: HTTP/1.0 200 Connection established
LWP::Protocol::https::request: Transmogrifying our socket
LWP::Protocol::http::request: ()
LWP::Protocol::http::request: GET / HTTP/1.0
Host: www.voicebs.com
User-Agent: lwp-request/1.39
LWP::Protocol::http::request: reading response
LWP::Protocol::http::request: HTTP/1.1 200 OK
Date: Tue, 26 Sep 2000 00:36:25 GMT
Server: Apache/1.3.12 (Unix) mod_ssl/2.6.5 OpenSSL/0.9.5a
Last-Modified: Wed, 26 Jul 2000 19:06:54 GMT
ETag: "2fa17-553-397f36ce"
Accept-Ranges: bytes
Content-Length: 1363
Connection: close
Content-Type: text/html
<HTML>... and so on.
Hopefully this helps...
Chris
[EMAIL PROTECTED]
On Mon, Sep 25, 2000 at 02:32:54PM +0800, Tan Joo Geok wrote:
> Hello.
>
> I am trying to get the libwww to work for SSL through proxy.
> I applied Chris Hiner's patch(see attached) but was unsuccessful in
> getting it to work. I am not much of a perl hacker but it seems to me
> that there is some problem around the part where the socket is supposed
> to turn into an SSL socket(see code portion below). Reason being that I
> have put in a print in the connect subroutine in SSL.pm and the print
> statement did not show up. It does show up for the case when no proxy
> is used though. I have not been able to go much further as the only code
> I found in Crypt::SSLeay::Conn was:
>
> package Crypt::SSLeay::Conn;
> require Crypt::SSLeay;
> 1;
>
> There is also no new function in Crypt::SSLeay. I really have no good feel
> of what's happening in the SSL portion. Perhaps somebody else in this group
> can help.
>
> BTW, my problem is the same as that posted by Fred Noz a while back, he
> didn't seem to get any solution either.
>
> Thank you for your attention.
>
> - Joo Geok
>
>
>
> Code Portion
> ==========
>
> my $socket;
>
> my $proxy_request = $request->clone;
> $proxy_request->method("CONNECT");
>
> my $proxy_protocol = LWP::Protocol::create('http');
>
> LWP::Debug::trace("Trying to CONNECT through the proxy server");
>
> my $proxy_response = $proxy_protocol->request($proxy_request, $proxy,
>$arg,$size, $timeout);
>
> # Did we get through the proxy server?
> return $proxy_response unless($proxy_response->code == 200);
>
> $socket = $proxy_response->{client_socket};
>
> # Turn the socket into an SSL socket
> LWP::Debug::trace("Transmogrifying our socket");
> bless $socket, "Net::SSL";
> *$socket->{'ssl_ctx'} = Net::SSL::_default_context();
> my $ssl = Crypt::SSLeay::Conn->new(*$socket->{'ssl_ctx'}, $socket);
> if ($ssl->connect <= 0) {
> # XXX should obtain the real SSLeay error message
> LWP::Debug::trace("SSL error:".$ssl->connect);
>
>
> Trace Output
> ==========
>
> LWP::UserAgent::new: ()
> LWP::UserAgent::proxy: http http://proxy.krdl.org.sg:8080
> LWP::UserAgent::proxy: https https://proxy.krdl.org.sg:8080
> LWP::UserAgent::request: ()
> LWP::UserAgent::simple_request: GET https://www.nodeworks.com
> LWP::UserAgent::_need_proxy: Proxied to https://proxy.krdl.org.sg:8080
> LWP::Protocol::https::request: ()
> LWP::Protocol::https::request: Trying to CONNECT through the proxy server
> LWP::Protocol::http::request: ()
> LWP::Protocol::http::request: CONNECT www.nodeworks.com:443 HTTP/1.0
>
>
> LWP::Protocol::http::request: reading response
> LWP::Protocol::http::request: HTTP/1.0 200 Connection established
> Proxy-Agent: NetCache 4.1R3
>
> LWP::Protocol::http::request: HTTP/1.0 200 Connection established
> LWP::Protocol::https::request: Transmogrifying our socket
> LWP::Protocol::https::request: SSL error:0
> Net::SSL: SSL negotiation failed at /usr/lib/perl5/site_perl/5.005/LWP/Protocol/
> https.pm line 116
> LWP::UserAgent::request: Simple response: Internal Server Error
>
