Use libCurl with Bluecoat cookie proxy

Go To StackoverFlow.com

3

I am trying to connect through a Bluecoat proxy which uses a cookie during the proxy authentication.

I have been completely unable to find a combination of CURLOPT_ settings that will get CURL to present the cookie during proxy authentication.

So: the proxy responds with:

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: NTLM
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Proxy-Connection: close
Set-Cookie: BCSI-CS-EDD688431754D715=2; Path=/
Connection: close
Content-Length: 825

But curl does not present the cookie in subsequent authentication attempts, no matter what I set for CURLOPT_COOKIEFILE or CURLOPT_COOKIEJAR.

NOTE: I am also using (because I must)

CURLOPT_PROXYTYPE = CURLPROXY_HTTP
CURLOPT_PROXYAUTH = CURLAUTH_ANY
CURLOPT_HTTPPROXYTUNNEL = 1
CURLOPT_CONNECT_ONLY = 1

Is it reasonable to expect CURL to present a cookie with a Proxy-Authorization request?

I am using curl_easy_*, would moving to the multi interface help?

Finally, I am building with 7.19.7

2012-04-04 18:29
by Dave Lowerre
libcurl at least has no intended limitation for this scenari - Daniel Stenberg 2012-04-04 21:18
Daniel! I am honored. Could you give me a clue as to how to get libcurl to present a cookie when it is responding to a 407? I even tried useing CURLOPT_COOKIE to set one explicitly, and it still was not part of the authentication request - Dave Lowerre 2012-04-05 17:46
Just to make sure I wasn't hallucinating, I just now wrote up a test cases that does something similar to your use case here and it works fine. See https://github.com/bagder/curl/blob/master/tests/data/test133 - Daniel Stenberg 2012-04-05 21:24
What you posted gives me real hope. I already saw a couple of days ago a thread on the libcurl mailing list about using the curl command line to deal with a bluecoat proxy. I know that curl can do it. What I am looking for is the CURLOPT_ equivalents for using the library. We are creating a tunnel using CURLOPTHTTPPROXYTUNNEL and CURLOPTCONNECT_ONLY so our conversation with the server is slightly different possibly? Could that be the problem - Dave Lowerre 2012-04-05 21:48
Aha! Yes that is indeed the explanation. The CONNECT thing is done a bit separately in the code and... whatdoyouknow? There's no cookie handling done there! I consider it a bug. Can't promise a swift fix though - Daniel Stenberg 2012-04-05 22:08


3

The CONNECT request is done a bit separately in the code than the "regular" requests and it seems there's no cookie handling done there! I consider it a libcurl bug.

(This is my comment from above, turned into a proper answer.)

2012-04-05 22:10
by Daniel Stenberg
Well that actually works for me! I can get on with my life! (AND recommend that the client disable the cookie surrogate on their proxy!) Thanks again! ;} - Dave Lowerre 2012-04-05 22:13


0

It is possible to create a tunnel through a Blue Coat Proxy. But my advice is not to use a network with the Blue Coat Proxy. In a free country it should not be a problem to buy a SIM card and use a mobile network instead.

Read more at https://bluecoatproxy.wordpress.com

2014-07-21 20:26
by jaques
Does this address your question? https://kb.bluecoat.com/index?page=content&id=FAQ2016&actp=LIS - N8allan 2014-07-21 20:44
Ads