Charles Romestant | 31 Mar 21:10 2015
Picon

Cookie jar handling in redirects

Hello, 
I've been messing around with this for a few days, trying to test a custom oauth flow with no user interraction if some authentication headers are present.
This flow basically moves from page to page setting cookes and finally returning to a specific callback URL.
Now, this flow in the browser works ( tested it) and in postman also , but I would love to leave an automated test with curl CLI running somewhere.
In my tests, I see the redirections being followed properly, but the cookies are behaving a bit wonky.
Let me explain:

This is my command :



As you can see I have a specific header and its hash (secret hashed), these , in normal circumstances, are added by a specific network element on non SSL traffic on my net. So the flow goes from [https]URL_/authorize ->[HTTP]URL_ /openid -->[HTTPS]URL/other --> CALLBACK

moving from https to http just to allow the network element to add the headers at one point of the flow.

So the problem here is that I see the cookie being set and then unset by curl ( full output [redacted for privacy of my comp] below)


I can see the cookie being set:
* Added cookie myserver_SESSION="" for domain pre-prod.id.myserver.com, path /, expire 1427845458

< Set-cookie: myserver_SESSION = 22db4aad-8084-4094-c592-d8e5bad8756b; Max-Age=18000; Version=1; path=/

but then I see on the second request ( following the 302 redirect)
> Cookie: myserver_SESSION=
 then on the third request it my server sets another cookie, but this one is also ignored by curl ( as evidenced by the content of the cookie file pasted at the end).


in advance, thank you for your help.


Charles-Romestant-MacBook-Air:~ cromestant$ time curl -v -H "X-MSISDN-HASHED: ux2gcxCxLBcmBo4END_OF_HASH" -H "X-MSISDN: 5959ENDOFFvALUE" "https://pre-prod.id.myserver.com/oauth/v2/authorize?redirect_uri=http%3A%2F%2Fopenidtest.myservercloud.net%3A3000%2Fcallback&client_id=oc3AOm2KTU92rG6Yzs7jAD74DUdTuuHO&scope=openid%20mobileid&login_hint=&prompt=none&response_type=code" -c cookies.txt -L >/dev/null

* Hostname was NOT found in DNS cache

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 54.236.147.89...

* Connected to pre-prod.id.myserver.com (54.236.147.89) port 443 (#0)

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

* Server certificate: id.myserver.com

* Server certificate: Thawte SSL CA

* Server certificate: thawte Primary Root CA

> GET /oauth/v2/authorize?redirect_uri=http%3A%2F%2Fopenidtest.myservercloud.net%3A3000%2Fcallback&client_id=oc3AOm2KTU92rG6Yzs7jAD74DUdTuuHO&scope=openid%20mobileid&login_hint=&prompt=none&response_type=code HTTP/1.1

> User-Agent: curl/7.37.1


> Accept: */*

> X-MSISDN-HASHED: ux2gcxCxLBcmBo4END_OF_HASH

> X-MSISDN: 5959ENDOFFvALUE


< HTTP/1.1 302 Found

< Access-Control-Allow-Credentials: true

< Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,X-Requested-With,X-CSDKVersion

< Access-Control-Allow-Methods: OPTIONS,GET,POST

< Access-Control-Allow-Origin: 

< Access-Control-Max-Age: 86400

< Cache-Control: no-store


< Pragma: no-cache

* Added cookie myserver_SESSION="" for domain pre-prod.id.myserver.com, path /, expire 1427845458

< Set-cookie: myserver_SESSION = 22db4aad-8084-4094-c592-d8e5bad8756b; Max-Age=18000; Version=1; path=/

< Content-Length: 0

< Connection: keep-alive


  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

* Connection #0 to host pre-prod.id.myserver.com left intact

* Issue another request to this URL: 'http://pre-prod.id.myserver.com/openid?auth_flow='

* Found bundle for host pre-prod.id.myserver.com: 0x7f8a59601850

* Hostname was NOT found in DNS cache

*   Trying 54.208.60.119...

* Connected to pre-prod.id.myserver.com (54.208.60.119) port 80 (#1)

> GET /openid?auth_flow= HTTP/1.1

> User-Agent: curl/7.37.1


> Accept: */*

> Cookie: myserver_SESSION=

> X-MSISDN-HASHED: ux2gcxCxLBcmBo4END_OF_HASH

> X-MSISDN: 5959ENDOFFvALUE


< HTTP/1.1 302 Found

< Access-Control-Allow-Origin: 

< Content-Type: application/json


< Content-Length: 125

< Connection: keep-alive


* Ignoring the response-body

{ [data not shown]

100   125  100   125    0     0    147      0 --:--:-- --:--:-- --:--:--   147

* Connection #1 to host pre-prod.id.myserver.com left intact

* Issue another request to this URL: 'https://pre-prod.id.myserver.com/openid?auth_flow='

* Found bundle for host pre-prod.id.myserver.com: 0x7f8a59601850

* Re-using existing connection! (#0) with host pre-prod.id.myserver.com

* Connected to pre-prod.id.myserver.com (54.236.147.89) port 443 (#0)

> GET /openid?auth_flow= HTTP/1.1

> User-Agent: curl/7.37.1


> Accept: */*

> Cookie: myserver_SESSION=

> X-MSISDN-HASHED: ux2gcxCxLBcmBo4END_OF_HASH

> X-MSISDN: 5959ENDOFFvALUE


< HTTP/1.1 200 OK

< Access-Control-Allow-Origin: *

< Cache-Control: no-cache, must-revalidate

< Content-Type: text/html

< Date: Tue, 31 03 2015 18:44:18 GMT

< Pragma: no-cache

* Replaced cookie myserver_SESSION="" for domain pre-prod.id.myserver.com, path /, expire 1427845458

< Set-cookie: myserver_SESSION =d16dbaba-79f9-4b03-b801-b5f004ee716d; PROFILE-id=deleted; Max-Age=18000; Version=1; path=/

< X-Powered-By: Express

< Content-Length: 13529

< Connection: keep-alive


{ [data not shown]

100 13529  100 13529    0     0  13926      0 --:--:-- --:--:-- --:--:-- 13926

* Connection #0 to host pre-prod.id.myserver.com left intact



real 0m0.987s

user 0m0.034s

sys 0m0.017s

Charles-Romestant-MacBook-Air:~ cromestant$ cat cookies.txt 

# Netscape HTTP Cookie File


# This file was generated by libcurl! Edit at your own risk.

pre-prod.id.myserver.com FALSE / FALSE 1427845458 myserver_SESSION

-- 
MSc. Charles M. Romestant F.


Merci de penser à l'environnement avant d'imprimer cet e-mail
Please think about the environment before you print this e-mail
Por favor piense en el medio ambiente antes de imprimir este e-mail

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Hongyi Zhao | 30 Mar 16:59 2015
Picon

The --range option doesn't take effect for my case.

Hi developer,

I compiled the latest git version of curl 7.42.0-DEV on Debian Wheezy,
and also learned the following options from its built-in manual page:
 
-------------------------
       -r, --range <range>
              (HTTP/FTP/SFTP/FILE)  Retrieve a byte range (i.e a partial docu‐
              ment) from a HTTP/1.1, FTP or  SFTP  server  or  a  local  FILE.
              Ranges can be specified in a number of ways.

              0-499     specifies the first 500 bytes
[snipped]
------------------------------

So I try to test this option with the following comands:

1- Firstly, I obtain the length and content type of the target webpage as follows: 

werner <at> debian:~$ curl -I http://130.158.6.87/api/iphone/
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 1128131
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
Set-Cookie: sid=56F3865922CC; expires=Fri, 30-Mar-2018 14:46:59 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 30 Mar 2015 14:46:56 GMT

2- Then, I try to obtain the the first 500 bytes for the above webpage:

----------------------------
werner <at> debian:~$ curl --range 0-499 http://130.158.6.87/api/iphone/
*vpn_servers
#HostName,IP,Score,Ping,Speed,CountryLong,CountryShort,NumVpnSessions,Uptime,TotalUsers,TotalTraffic,LogType,Operator,Message,OpenVPN_ConfigData_Base64
vpn277114450,126.28.186.172,630670,3,76498757,Japan,JP,65,31526254,52524,5876446960061,2weeks,ran-PC's owner,,IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIw0KIyBPcGVuVlBOIDIuMCBTYW1wbGUgQ
[snipped]
------------------------------------

As you can see, though I use the  ` --range 0-499' option, curl still will download all of the contents of that webpage.

Why does this happen?  Any hints?

Regards
--
Hongyi Zhao <hongyi.zhao <at> gmail.com>
Xinjiang Technical Institute of Physics and Chemistry
Chinese Academy of Sciences
GnuPG DSA: 0xD108493
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Hongyi Zhao | 30 Mar 16:46 2015
Picon

Is there the upper limit for the number of instances of curl runing at the same time?

Hi developer,

I often run multiple curl instances on my Debian box at the same time, say as following:

curl --arg_1 url_1 &
curl --arg_2 url_2 &
curl --arg_3 url_3 &
...
curl --arg_n url_n &

So I want to know whether this method will harm the stability and the correctness of my finally resutls or not when the number of instances is very large, say, 10000.

Furthermore, is there the upper limit for the number of instances of curl runing at the same time?

Any hints?

Regards
--
Hongyi Zhao <hongyi.zhao <at> gmail.com>
Xinjiang Technical Institute of Physics and Chemistry
Chinese Academy of Sciences
GnuPG DSA: 0xD108493
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Hongyi Zhao | 30 Mar 08:57 2015
Picon

Cann't enable some options when compling curl.


Hi all,

I use Debian Wheezy, see following for detail:

-------
werner <at> debian:~$ lsb_release -a No LSB modules are available.
Distributor ID:    Debian Description:    Debian GNU/Linux 7.8 (wheezy)
Release:    7.8 Codename:    wheezy -------

Now, I compile the curl based on the source code cloned from git repo.
When I issued the `./configure' command, I noticed that there are some
options/functions are disabled as following:

  GSS-API support:  no      (--with-gssapi) SSPI support:     no    
  (--enable-sspi) metalink support: no      (--with-libmetalink)
  HTTP2 support:    disabled (--with-nghttp2)

I want to enable them, and tried to install some dev packages from
Debian's synaptic tool, but failed at all.  Are there someone here has
been successfully compiled it with the above  options/functions enabled?

Regards

--
Hongyi Zhao <hongyi.zhao <at> gmail.com>
Xinjiang Technical Institute of Physics and Chemistry
Chinese Academy of Sciences
GnuPG DSA: 0xD108493
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
dev | 21 Mar 20:23 2015

curl-7.41.0 hangs on test 0815 on Solaris 10 Sparc


curl'ers :

    Not sure if this is a bug already or even if it has been seen
before. I built curl as per usual and then ran the tests as per usual
and for some odd reason the tests just seems to go on forever. I tend to
output all terminal traffic to a file so I can review later and the
thing just hung there, for a day or so.  Something is clearly wrong.

I checked ps -ef and saw a massive pile of "defunct" process ids and the
output from the tests was stuck at test 0815. After a few CTRL-C's I see
:

mimas # tail ../curl-7.41.0_SunOS5.10_sparcv9.001.check.log
test 0810...OK (492 out of 971, remaining: 623:49)
test 0811...OK (493 out of 971, remaining: 621:15)
test 0812...OK (494 out of 971, remaining: 618:43)
test 0813...OK (495 out of 971, remaining: 616:11)
test 0814...OK (496 out of 971, remaining: 613:40)
test 0815...Somebody sent me a SIGINT at ./runtests.pl line 336.
OK (497 out of 971, remaining: 611:09)
test 0816...runtests.pl received SIGINT, exiting
gmake[1]: *** [quiet-test] Error 2
gmake: *** [test] Interrupt

So .. oops.

Compiler is Oracle Studio 12.4 and I have all the same usual things I
always have and never see this.

Digging through the output from ps -ef I see pid 15217 :

     UID   PID  PPID   C    STIME TTY         TIME CMD
   root 15217 12371   0 08:29:10 pts/2       0:00 perl -I.
./ftpserver.pl --pidfile .ftp_server.pid --logfile log/ftp_server.log

That pid has a ton of <defunct> children. Just a slew of them :

    root 18085 15217   0        - ?           0:00 <defunct>
    root 18079 15217   0        - ?           0:00 <defunct>
    root 18083 15217   0        - ?           0:00 <defunct>
    root 18081 15217   0        - ?           0:00 <defunct>
    root 18091 15217   0        - ?           0:00 <defunct>
    root 18087 15217   0        - ?           0:00 <defunct>
    root 18089 15217   0        - ?           0:00 <defunct>

Pages of that.

So not sure what's up here.

Compiler and basic env stuff is :

mimas # which cc
/opt/solarisstudio12.4/bin/cc
mimas # cc -V
cc: Sun C 5.13 SunOS_sparc 2014/10/20
mimas #
mimas # echo $CFLAGS
-errfmt=error -erroff=%none -errshort=full -xstrconst -xildoff -m64
-xmemalign=8s -xnolibmil -Xa -xcode=pic32 -xregs=no%appl -xlibmieee -mc
-g -xs -ftrap=%none -Qy -xbuiltin=%none -xdebugformat=dwarf -xunroll=1
-xtarget=ultra2 -D_TS_ERRNO -D_POSIX_PTHREAD_SEMANTICS
-D_LARGEFILE64_SOURCE
mimas #

mimas # env | sort | grep LD
LD=/usr/ccs/bin/sparcv9/ld
LD_LIBRARY_PATH=/usr/local/lib:/usr/local/ssl/lib
LD_OPTIONS=-64
-R/usr/local/lib/$ISALIST:/usr/local/ssl/lib/$ISALIST:/usr/local/lib:/usr/local/ssl/lib
-L/usr/local/lib/$ISALIST:/usr/local/ssl/lib/$ISALIST:/usr/local/lib:/usr/local/ssl/lib
LD_RUN_PATH=/usr/local/lib:/usr/local/ssl/lib

My previous rev of curl works great :

mimas # which curl
/usr/local/bin/curl

mimas # curl --version
curl 7.40.0 (sparc-sun-solaris2.10) libcurl/7.40.0 OpenSSL/1.0.2a
zlib/1.2.8 libidn/1.29 libssh2/1.4.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP UnixSockets

mimas # file /usr/local/bin/curl
/usr/local/bin/curl: ELF 64-bit MSB executable SPARCV9 Version 1,
UltraSPARC1 Extensions Required, dynamically linked, stripped
mimas # ldd /usr/local/bin/curl
        libcurl.so.4 =>  /usr/local/lib/libcurl.so.4
        libidn.so.11 =>  /usr/local/lib/libidn.so.11
        libintl.so.8 =>  /usr/local/lib/libintl.so.8
        libc.so.1 =>     /lib/64/libc.so.1
        libiconv.so.2 =>         /usr/local/lib/libiconv.so.2
        libssh2.so.1 =>  /usr/local/lib/libssh2.so.1
        libssl.so.1.0.0 =>       /usr/local/ssl/lib/libssl.so.1.0.0
        libcrypto.so.1.0.0 =>    /usr/local/ssl/lib/libcrypto.so.1.0.0
        libldap.so.5 =>  /usr/lib/64/libldap.so.5
        libz.so.1 =>     /usr/local/lib/libz.so.1
        librt.so.1 =>    /lib/64/librt.so.1
        libsocket.so.1 =>        /lib/64/libsocket.so.1
        libnsl.so.1 =>   /lib/64/libnsl.so.1
        libdl.so.1 =>    /lib/64/libdl.so.1
        libz.so.1 (SUNW_1.1) =>  (version not found)
        libsasl.so.1 =>  /usr/lib/64/libsasl.so.1
        libmd.so.1 =>    /lib/64/libmd.so.1
        libnspr4.so =>   /usr/lib/mps/64/libnspr4.so
        libplc4.so =>    /usr/lib/mps/64/libplc4.so
        libnss3.so =>    /usr/lib/mps/64/libnss3.so
        libssl3.so =>    /usr/lib/mps/64/libssl3.so
        libaio.so.1 =>   /lib/64/libaio.so.1
        libmp.so.2 =>    /lib/64/libmp.so.2
        libscf.so.1 =>   /lib/64/libscf.so.1
        libpthread.so.1 =>       /lib/64/libpthread.so.1
        libnssutil3.so =>        /usr/lib/mps/sparcv9/libnssutil3.so
        libplds4.so =>   /usr/lib/mps/sparcv9/libplds4.so
        libthread.so.1 =>        /lib/64/libthread.so.1
        libdoor.so.1 =>  /lib/64/libdoor.so.1
        libuutil.so.1 =>         /lib/64/libuutil.so.1
        libgen.so.1 =>   /lib/64/libgen.so.1
        libm.so.2 =>     /lib/64/libm.so.2
        /platform/SUNW,UltraAX-i2/lib/sparcv9/libc_psr.so.1
        /platform/SUNW,UltraAX-i2/lib/sparcv9/libmd_psr.so.1

mimas # elfdump -devl /usr/local/bin/curl

ELF Header
  ei_magic:   { 0x7f, E, L, F }
  ei_class:   ELFCLASS64          ei_data:       ELFDATA2MSB
  ei_osabi:   ELFOSABI_SOLARIS    ei_abiversion: EAV_SUNW_CURRENT
  e_machine:  EM_SPARCV9          e_version:     EV_CURRENT
  e_type:     ET_EXEC
  e_flags:    [ EF_SPARCV9_TSO EF_SPARC_SUN_US1 ]
  e_entry:           0x100003660  e_ehsize:     64  e_shstrndx:  22
  e_shoff:               0x2d348  e_shentsize:  64  e_shnum:     23
  e_phoff:                  0x40  e_phentsize:  56  e_phnum:     5

Version Needed Section:  .SUNW_version
     index  file                        version
       [2]  libc.so.1                   SUNW_0.7
       [3]  librt.so.1                  SUNW_0.7

Dynamic Section:  .dynamic
     index  tag                value
       [0]  NEEDED            0xa41               libcurl.so.4
       [1]  NEEDED            0xa4e               libidn.so.11
       [2]  NEEDED            0xa5b               libintl.so.8
       [3]  NEEDED            0xa23               libc.so.1
       [4]  NEEDED            0xa68               libiconv.so.2
       [5]  NEEDED            0xa76               libssh2.so.1
       [6]  NEEDED            0xa83               libssl.so.1.0.0
       [7]  NEEDED            0xa93               libcrypto.so.1.0.0
       [8]  NEEDED            0xaa6               libldap.so.5
       [9]  NEEDED            0xab3               libz.so.1
      [10]  NEEDED            0xa36               librt.so.1
      [11]  NEEDED            0xabd               libsocket.so.1
      [12]  NEEDED            0xacc               libnsl.so.1
      [13]  INIT              0x100012e80
      [14]  FINI              0x100012e90
      [15]  RUNPATH           0xad8
              /usr/local/lib/$ISALIST:/usr/local/ssl/lib/$ISALIST:/usr/local/lib:/usr/local/ssl/lib:/usr/local/lib
      [16]  RPATH             0xad8
              /usr/local/lib/$ISALIST:/usr/local/ssl/lib/$ISALIST:/usr/local/lib:/usr/local/ssl/lib:/usr/local/lib
      [17]  HASH              0x100000178
      [18]  STRTAB            0x100001dc8
      [19]  STRSZ             0xd3d
      [20]  SYMTAB            0x100000898
      [21]  SYMENT            0x18
      [22]  CHECKSUM          0x2262
      [23]  VERNEED           0x100002b08
      [24]  VERNEEDNUM        0x2
      [25]  PLTRELSZ          0x918
      [26]  PLTREL            0x7
      [27]  JMPREL            0x100002d40
      [28]  RELA              0x100002d10
      [29]  RELASZ            0x948
      [30]  RELAENT           0x18
      [31]  DEBUG             0
      [32]  FLAGS             0                   0
      [33]  FLAGS_1           0                   0
      [34]  SUNW_STRPAD       0x200
      [35]  SUNW_LDMACH       0x2b                EM_SPARCV9
      [36]  PLTGOT            0x100125f00
   [37-47]  NULL              0

Any pointers or input is wonderfully accepted.

Dennis

ps: sorry, day after a birthday and I fall on this.
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Tomáš Čech | 21 Mar 17:33 2015
Picon

bug: curl behaviour without CA path set

Hi,

on GuixSD distribution I have found really weird behaviour of command
line curl program.

  $ curl http://www.google.com
  curl: (4) A requested feature, protocol or option was not found built-in in this libcurl due to a build-time decision.

I walk through the code with debugger and it seems to be related to

https://github.com/bagder/curl/blob/9ce2d7001939b795b45a8ce7700d1a3dcde0475d/lib/url.c#L2042

So I conducted experiment to verify my suspicion:

  $ SSL_CERT_DIR="" curl http://www.google.com
  <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
  <TITLE>302 Moved</TITLE></HEAD><BODY>
  <H1>302 Moved</H1>
  The document has moved
  <A HREF="http://www.google.cz/?gfe_rd=cr&amp;ei=YFcNVaqxKYzz8QPX_ID4CQ">here</A>.
  </BODY></HTML>

I have SSL_CERT_DIR variable set which prevents curl from working for
any protocol, even those without TLS.

I checked the way we build curl package and we don't have either
enabled or disabled central CA path through --with-ca-path
resp. --without-ca-path, but in the end of configure output I can see:

  ca cert bundle:   no
  ca cert path:     no

When I enabled --with-ca-path=/some/dir, I got configure error:

  checking default CA cert bundle/path... configure: error: --with-ca-path only works with openSSL or PolarSSL

So, I can't enable the relevant part of the code and will get always
the CURLE_NOT_BUILT_IN in this code path because of my TLS library
choice.

I don't know whether GnuTLS can have CA path configured or not, but
mere environment variable set shouldn't prevent cURL from working. I
believe that this is bug.

Do you have any ideas how to fix it?

Best regards,

Tomáš Čech
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Nikita Michalko | 20 Mar 12:34 2015

Re: curl-users Digest, Vol 115, Issue 14

On 20.03.2015 12:00, curl-users-request <at> cool.haxx.se wrote:
> Send curl-users mailing list submissions to
> 	curl-users <at> cool.haxx.se
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
> or, via email, send a message with subject or body 'help' to
> 	curl-users-request <at> cool.haxx.se
>
> You can reach the person managing the list at
> 	curl-users-owner <at> cool.haxx.se
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of curl-users digest..."
>
>
> Today's Topics:
>
>     1. curl, 17 years today! (Daniel Stenberg)
>     2. Re: curl, 17 years today! (Fredrik Gustafsson)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 20 Mar 2015 11:24:20 +0100 (CET)
> From: Daniel Stenberg <daniel <at> haxx.se>
> To: curl users <curl-users <at> cool.haxx.se>, libcurl hacking
> 	<curl-library <at> cool.haxx.se>
> Subject: curl, 17 years today!
> Message-ID: <alpine.DEB.2.11.1503201121490.11530 <at> tvnag.unkk.fr>
> Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII
>
> Hi friends,
>
> Today we celebrate the fact that it is exactly 17 years since the first
> public release of curl.
>
> When I released that first version in the spring of 1998, we had only a
> handful of users and a handful of contributors. curl was just a little tool
> and we were still a few years out before libcurl would become a thing of its
> own.
>
> The rest at:
>
>     http://daniel.haxx.se/blog/2015/03/20/curl-17-years-old-today/
>

A BIG THANKS to you and all other contributors for all the good work too!
Congratulations!

Nikita Michalko

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Daniel Stenberg | 20 Mar 11:24 2015
Picon

curl, 17 years today!

Hi friends,

Today we celebrate the fact that it is exactly 17 years since the first 
public release of curl.

When I released that first version in the spring of 1998, we had only a 
handful of users and a handful of contributors. curl was just a little tool 
and we were still a few years out before libcurl would become a thing of its 
own.

The rest at:

   http://daniel.haxx.se/blog/2015/03/20/curl-17-years-old-today/

--

-- 

  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Jeff Cook | 20 Mar 09:15 2015
Picon

curl fails to negotiate TLS handshake with server unless compatible cipher suite is explicitly defined on commandline

Unfortunately I can't reveal the actual server used and I don't know
of any other cases where this happens. I understand that may make it
hard to test.

With ./curl_stage --ciphers RC4-SHA:RC4-MD5 -vvv https://example.com -1, I get

> curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

With ./curl_stage --ciphers AES256 -vvv https://example.com -1, I get

>* SSLv3, TLS handshake, Client hello (1):
>* SSLv3, TLS handshake, Server hello (2):
>* SSLv3, TLS handshake, CERT (11):
>* SSLv3, TLS handshake, Server finished (14):
>* SSLv3, TLS handshake, Client key exchange (16):
>* SSLv3, TLS change cipher, Client hello (1):
>* SSLv3, TLS handshake, Finished (20):
>* SSLv3, TLS change cipher, Client hello (1):
>* SSLv3, TLS handshake, Finished (20):
>* SSL connection using AES256-SHA

This is behavior is specific to one of the library's linked against
cURL, but I'm not sure which one.

All machines we have tested except for this one can connect to the
site and behave fine with the simple curl commands above. If I execute
curl_stage on a machine where normal curl behaves well, I get the same
problem, so it's not a network or configuration thing.

Can you help me identify the source of this issue? Shouldn't curl
exhaust its list of potential cipher suites before the server gives up
and sends an RST? The executable in question, statically linked with
all necessary libs by Ermine, is attached. I know that a library is
causing this because it happened both with the custom-built curl here
and the curl from Ubuntu.

Thanks.
Attachment (curl_stage.gz): application/x-gzip, 6954 KiB
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Jean-Marc Delrieu | 17 Mar 13:57 2015

Compatibility of cURL 7.21.0 with Windows 2008

Dear cURL users,

 

We are using cURL/7.21.0 (i386-pc-win32) libcurl/7.21.0 OpenSSL/0.98o zlib/1.2.5 to FTP files to our Payroll Provider ADP.

 

We are planning to change the server we are running cURL on to a Windows 2008 server.

I would like to know if the version of cURL that we currently run is compatible with Windows 2008 servers.

 

Can someone confirm to me?

 

Thanks in advance for your help.

 

Regards,

Jean-Marc

 

Jean-Marc Delrieu

Business Solutions Business Analyst, EMEA IT

Freescale Semiconductor, Inc

www.freescale.com

+33 5 61 19 10 52 (phone)

+33 5 61 19 95 26 (fax)

e-mail: Jean-marc.Delrieu <at> freescale.com

 

This e-mail, and any associated attachments have been classified as:

 

(X)

Public

 

( )

Freescale Semiconductor Internal Use Only

 

( )

Freescale Semiconductor Confidential Proprietary

 

 

 

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Spencer Allen | 16 Mar 21:12 2015
Picon

mingw QT windows error undefined reference to `_imp__getpeername

Trying to compile a windows qt app which uses libcurl. Compiled libcurl first and linked the library to my app. It fails on the following error. I know its part of windows winsock, but not sure what I am missing.


C:\deps\curl-7.32.0\lib\libcurl.a(libcurl_la-connect.o):connect.c:(.text+0x354): undefined reference to `_imp__getpeername <at> 12'

Makefile.Release:358: recipe for target 'release\Opalcoin-Qt.exe' failed

C:\deps\curl-7.32.0\lib\libcurl.a(libcurl_la-connect.o):connect.c:(.text+0xb78): undefined reference to `_imp__WSAIoctl <at> 36'

C:/MinGW/bin/../lib/gcc/i686-w64-mingw32/4.9.1/../../../../i686-w64-mingw32/bin/ld.exe: C:\deps\curl-7.32.0\lib\libcurl.a(libcurl_la-connect.o): bad reloc address 0x20 in section `.eh_frame'

C:/MinGW/bin/../lib/gcc/i686-w64-mingw32/4.9.1/../../../../i686-w64-mingw32/bin/ld.exe: final link failed: Invalid operation

collect2.exe: error: ld returned 1 exit status


Thanks,


Spencer

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Gmane