Hi Alex, On Tue, Aug 27, 2024 at 11:55:04AM +0200, a1ex@dismail.de wrote:
Hi,
Here are 2 separate issues:
1) socks5 proxy on 127.0.0.1:8080 not working.
There is currently no support for socks5 proxies, only HTTP proxies are supported.
This is a proxy over ssh, for example: ssh -N -D 8080 user@example.com
in dillorc: http_proxy="http://localhost:8080/"
console output when trying to connect to a site: Connecting to 127.0.0.1:8080 CONNECT through proxy failed. Full reply not received: (nothing) ** WARNING **: CCC: call on already finished chain. Flags=CCC_Ended
This setup works fine under Firefox.
I tried doing a tcpdump while attempting the connection, and there is no activity.
So, while trying to research this, I ran into another issue:
2) Any time I go to a page on this site, Dillo crashes with the following:
Nav_open_url: new url='https://dillo-dev.auriga.wearlab.narkive.com/WT0JYUZq/dillo-won-t-resolve-ur...' Dns_server [0]: dillo-dev.auriga.wearlab.narkive.com is 149.248.211.108 Connecting to 149.248.211.108:443 TLS connect error: "an EOF was observed that violates the protocol" Tls_close_by_key: Avoiding SSL shutdown for: https://dillo-dev.auriga.wearlab.narkive.com/WT0JYUZq/dillo-won-t-resolve-ur... fd 6 is done and failed dillo(13689) in malloc(): write to free mem 0x60383b59140[24..31]@32 Abort trap
gdb output: Program received signal SIGABRT, Aborted. thrkill () at /tmp/-:2 2 /tmp/-: No such file or directory. in /tmp/-
This is on OpenBSD-current amd64 with LibreSSL 3.9.0, running an unmodified fresh checkout of Dillo master. Also tested on OpenBSD 7.5 with the same result.
I tested the site with: https://www.ssllabs.com/ssltest/analyze.html?d=dillo-dev.auriga.wearlab.nark...
There seem to be some handshake failures during the simulation.
This probably is not be the fault of Dillo, but maybe there is a more graceful to handle this, rather than crashing.
Even a test with curl has issues:
curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to dillo-dev.auriga.wearlab.narkive.com:443
Is this site just broken/misconfigured?
Cannot reproduce with LibreSSL 3.9.2 on Linux. % LD_LIBRARY_PATH=/usr/lib/libressl src/dillo https://dillo-dev.auriga.wearlab.narkive.com/WT0JYUZq/dillo-won-t-resolve-ur... dillo_dns_init: Here we go! (threaded) TLS library: LibreSSL 3.9.2 Enabling cookies as from cookiesrc... Nav_open_url: new url='https://dillo-dev.auriga.wearlab.narkive.com/WT0JYUZq/dillo-won-t-resolve-ur...' Dns_server [0]: dillo-dev.auriga.wearlab.narkive.com is 149.248.211.108 Connecting to 149.248.211.108:443 dillo-dev.auriga.wearlab.narkive.com: TLSv1.3, cipher TLS_AES_128_GCM_SHA256 sha256 2048-bit RSA: /CN=narkive.com sha256 2048-bit RSA: /C=US/O=Let's Encrypt/CN=R11 root: /C=US/O=Internet Security Research Group/CN=ISRG Root X1 NumPendingStyleSheets=1 Dns_server [0]: narkive.net is 188.114.97.5 188.114.96.5 narkive.net: TLSv1.3, cipher TLS_AES_256_GCM_SHA384 ecdsa-with-SHA256 256-bit EC: /CN=narkive.net ecdsa-with-SHA384 256-bit EC: /C=US/O=Google Trust Services/CN=WE1 sha256 384-bit EC: /C=US/O=Google Trust Services LLC/CN=GTS Root R4 root: /C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA Can you test with the latest LibreSSL 3.9.2? Is this it happening with the proxy enabled? Also, which user agent are you using in curl and Dillo? Best, Rodrigo.