1

It seems KeepSolid's servers run Squid (https://89.45.7.90:3129), and that the Firefox plugin somehow authenticates, so that Firefox can use it.

I want to use curl with KeepSolid's servers (aka. VPN Unlimited).

(Analyticshub.link seems to be the CN of the TLS certificate).

$ curl -v --proxy https://analyticshub.link:3129 --proxy-digest --proxy-user $user:$pass --location https://www.google.com/ 
* Trying 89.45.7.90:3129... * TCP_NODELAY set * Connected to analyticshub.link (89.45.7.90) port 3129 (#0) * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 * ALPN, server did not agree to a protocol * Proxy certificate: * subject: CN=analyticshub.link * start date: Jul 5 08:11:25 2021 GMT * expire date: Oct 3 08:11:24 2021 GMT * subjectAltName: host "analyticshub.link" matched cert's "analyticshub.link" * issuer: C=US; O=Let's Encrypt; CN=R3 * SSL certificate verify ok. * allocate connect buffer! * Establish HTTP proxy tunnel to www.google.com:443 * Proxy auth using Digest with user '[email protected]' > CONNECT www.google.com:443 HTTP/1.1 > Host: www.google.com:443 > User-Agent: curl/7.68.0 > Proxy-Connection: Keep-Alive > < HTTP/1.1 407 Proxy Authentication Required < Server: squid/3.5.23 < Mime-Version: 1.0 < Date: Sun, 01 Aug 2021 19:02:51 GMT < Content-Type: text/html;charset=utf-8 < Content-Length: 3557 < X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0 < Vary: Accept-Language < Content-Language: en < Proxy-Authenticate: Basic realm="Web-Proxy" < X-Cache: MISS from vpnunlimitedapp.com < X-Cache-Lookup: NONE from vpnunlimitedapp.com:4129 < Connection: close < * Ignore 3557 bytes of response-body * Received HTTP code 407 from proxy after CONNECT * CONNECT phase completed! * Closing connection 0 curl: (56) Received HTTP code 407 from proxy after CONNECT

As you can see the above does not work. What should I do instead?

Improve this question

1 Answer 1

Reset to default
0
+100

This not a 100% answer in the slightest, but I tried to look into how the Firefox plugin works.

The short answer is that it seems to do good authentication using JWT to an authentication service (auth.simplexsolutionsinc.com) using tokens fetched from multiple cloud storage providers for redundancy/bypassing blocking, and returns then some temporary credentials that get used w/ the proxy.

You should be able to capture those short-term credentials and use them like you are right now, but they might not be simple user/pass, and might be something like OAuth2 bearer or a further layer or JWT on the proxy.

Also, thank you for writing GNU Parallel!

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.