Adrián Mihálko | 23 May 00:42 2015
Picon

Https login problem - cipher?

Hi all,

I am trying to logon on a https secure site and execute a command. It works nicely on Yosemite 10.10.3:

-MacBook$ curl -V
curl 7.37.1 (x86_64-apple-darwin14.0) libcurl/7.37.1 SecureTransport zlib/1.2.5
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp 
Features: AsynchDNS GSS-Negotiate IPv6 Largefile NTLM NTLM_WB SSL libz

Connection log: http://pastebin.com/6C2VRJ59

On Ubuntu:

    madrian <at> ubuntu:~$ curl -V
curl 7.42.1 (x86_64-unknown-linux-gnu) libcurl/7.42.1 OpenSSL/1.0.1f zlib/1.2.8
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp 
Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP UnixSockets 

Connection log Ubuntu: http://pastebin.com/A56tzgs0

It connects on Ubuntu too, but it is not logged in (I get the login page source). On Yosemite the login is
success + the command what I send is executed. The only difference I see is that Yosemite use * TLS 1.2
connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384while Ubuntu is something different. I am
tried to set -ciphers TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 on Ubuntu, but I get error:

curl: (59) failed setting cipher list: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

Best regards,
Adrian
-------------------------------------------------------------------
(Continue reading)

Ibrahim Salim Omari | 21 May 15:34 2015
Picon

Lynx replacement

greetings,
How can I use curl to replace the following lynx command:

lynx -dump -auth=name:password "http://192.168.1.88/web/cgi-bin/hi3510/ptzctrl.cgi?-step=0&-act=down&-speed=45"

Thanks in advance
Ibrahim
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Hongyi Zhao | 15 May 11:21 2015
Picon

curl: (23) Failed writing body (1070 != 1448)

Hi Daniel,

When I use --range option, I meet the error message like the following :

----------------
 % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
   0     0    0     0    0     0      0      0 --:--:-- --:--:--
--:--:--     0   0     0    0     0    0     0      0      0 --:--:--
--:--:-- --:--:--     0   0 2048k    0  9818    0     0   6382      0
0:05:28  0:00:01  0:05:27  6379   1 2048k    1 28642    0     0   8776
     0  0:03:58  0:00:03  0:03:55  8777   2 2048k    2 44570    0
0  13304      0  0:02:37  0:00:03  0:02:34 13304   3 2048k    3 64842
  0     0  14618      0  0:02:23  0:00:04  0:02:19 14617   3 2048k
3 82218    0     0  14880      0  0:02:20  0:00:05  0:02:15 15878   6
2048k    6  123k    0     0  18073      0  0:01:56  0:00:06  0:01:50
21381   6 2048k    6  129k    0     0  18108      0  0:01:55  0:00:07
0:01:48 25578   8 2048k    8  165k    0     0  20068      0  0:01:44
0:00:08  0:01:36 24532  10 2048k   10  210k    0     0  21813      0
0:01:36  0:00:09  0:01:27 27682  10 2048k   10  221k    0     0  21418
     0  0:01:37  0:00:10  0:01:27 28537  11 2048k   11  238k    0
0  21577      0  0:01:37  0:00:11  0:01:26 27197  13 2048k   13  266k
  0     0  22023      0  0:01:35  0:00:12  0:01:23 27692  15 2048k
15  310k    0     0  23574      0  0:01:28  0:00:13  0:01:15 29399  18
2048k   18  387k    0     0  27173      0  0:01:17  0:00:14  0:01:03
38404  20 2048k   20  425k    0     0  28442      0  0:01:13  0:00:15
0:00:58 44232  24 2048k   24  504k    0     0  31490      0  0:01:06
0:00:16  0:00:50 53597  27 2048k   27  572k    0     0  33500      0
0:01:02  0:00:17  0:00:45 61532  30 2048k   30  626k    0     0  34433
     0  0:01:00  0:00:18  0:00:42 63067  32 2048k   32  658k    0
0  34927      0  0:01:00  0:00:19  0:00:41 58876  34 2048k   34  707k
  0     0  35440      0  0:00:59  0:00:20  0:00:39 56379  36 2048k
36  744k    0     0  35444      0  0:00:59  0:00:21  0:00:38 48134  38
2048k   38  792k    0     0  36420      0  0:00:57  0:00:22  0:00:35
47060  40 2048k   40  819k    0     0  35960      0  0:00:58  0:00:23
0:00:35 41975  42 2048k   42  863k    0     0  36191      0  0:00:57
0:00:24  0:00:33 40951  43 2048k   43  894k    0     0  35444      0
0:00:59  0:00:25  0:00:34 35461  45 2048k   45  940k    0     0  36601
     0  0:00:57  0:00:26  0:00:31 41804  47 2048k   47  976k    0
0  36564      0  0:00:57  0:00:27  0:00:30 37201  49 2048k   49 1019k
  0     0  36683      0  0:00:57  0:00:28  0:00:29 39993  51 2048k
51 1044k    0     0  36544      0  0:00:57  0:00:29  0:00:28 38325  52
2048k   52 1070k    0     0  36198      0  0:00:57  0:00:30  0:00:27
40595  53 2048k   53 1088k    0     0  35229      0  0:00:59  0:00:31
0:00:28 28477  54 2048k   54 1122k    0     0  35389      0  0:00:59
0:00:32  0:00:27 29118  55 2048k   55 1138k    0     0  34712      0
0:01:00  0:00:33  0:00:27 23760  56 2048k   56 1152k    0     0  33790
     0  0:01:02  0:00:34  0:00:28 19501  56 2048k   56 1157k    0
0  33262      0  0:01:03  0:00:35  0:00:28 16714  57 2048k   57 1174k
  0     0  33068      0  0:01:03  0:00:36  0:00:27 18638  58 2048k
58 1194k    0     0  32644      0  0:01:04  0:00:37  0:00:27 14784  59
2048k   59 1225k    0     0  32544      0  0:01:04  0:00:38  0:00:26
17969  61 2048k   61 1268k    0     0  33052      0  0:01:03  0:00:39
0:00:24 27175  63 2048k   63 1303k    0     0  33060      0  0:01:03
0:00:40  0:00:23 31541  65 2048k   65 1344k    0     0  32901      0
0:01:03  0:00:41  0:00:22 31795  67 2048k   67 1378k    0     0  33151
     0  0:01:03  0:00:42  0:00:21 36880  68 2048k   68 1408k    0
0  33293      0  0:01:02  0:00:43  0:00:19 39382  70 2048k   70 1449k
  0     0  33420      0  0:01:02  0:00:44  0:00:18 36259  72 2048k
72 1494k    0     0  33633      0  0:01:02  0:00:45  0:00:17 38172  75
2048k   75 1545k    0     0  34177      0  0:01:01  0:00:46  0:00:15
46153curl: (23) Failed writing body (1070 != 1448)
----------------

Any hints on this issue? How to solve it?

Regards
--

-- 
Hongyi Zhao <hongyi.zhao <at> gmail.com>
Xinjiang Technical Institute of Physics and Chemistry
Chinese Academy of Sciences
GnuPG DSA: 0xD108493
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Hongyi Zhao | 11 May 02:24 2015
Picon

Why the range begin from 0 instead of 1?

Dear Daniel,

In the curl's manpage, I can read the following the description on the
range option of curl:

 -r, --range <range>
          (HTTP/FTP/SFTP/FILE) Retrieve a byte range (i.e a partial  docu‐
           ment)  from  a  HTTP/1.1,  FTP  or  SFTP server or a local FILE.
           Ranges can be specified in a number of ways.

            0-499     specifies the first 500 bytes

I just wondered why not use 1, instead of 0, as the beginning counter
of the bytes number of a file?

If so, the above usage will looks like this:

1-500     specifies the first 500 bytes

It seems that this is more consistent with the concept of `the first
500 bytes' of a file.

Any hints on this?

Regards
--

-- 
Hongyi Zhao <hongyi.zhao <at> gmail.com>
Xinjiang Technical Institute of Physics and Chemistry
Chinese Academy of Sciences
GnuPG DSA: 0xD108493

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Hongyi Zhao | 10 May 12:56 2015
Picon

curl: option --dns-servers 127.0.0.1: is unknown

Hi Daniel,

See the following testings on my Debian Wheezy box:

werner <at> debian:~$ Dns_Servers="--dns-servers 127.0.0.1"
werner <at> debian:~$ curl -sI ${Dns_Servers+"${Dns_Servers}"} http://
ftp.cn.debian.org/debian/README
curl: option --dns-servers 127.0.0.1: is unknown
curl: try 'curl --help' or 'curl --manual' for more information
werner <at> debian:~$ Dns_Servers="127.0.0.1"
werner <at> debian:~$ curl -sI ${Dns_Servers+--dns-servers "${Dns_Servers}"}
http://ftp.cn.debian.org/debian/README
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Sun, 10 May 2015 06:29:56 GMT
Content-Type: application/octet-stream
Content-Length: 1495
Last-Modified: Sat, 25 Apr 2015 10:33:41 GMT
Connection: keep-alive
ETag: "553b6d85-5d7"
Accept-Ranges: bytes

It seems the quoting "${Dns_Servers}" keeps the argument as one piece, and
thus curl will see it as a single unknown option "--dns-servers 127.0.0.1".
And curl's diagnostic message is (quotes added by me):

  curl: option "--dns-servers 127.0.0.1": is unknown

curl knows an option "--dns-servers" with option argument "127.0.0.1", but
does not know an option with the name "--dns-servers 127.0.0.1".

I think, this should be treated as a bug of curl for doing
lexicographical analysis on the options. Conventionally, an  option is
constituted by some characters without spaces in it.

And it can be assigned with certain argument as its value, the delimiter
between the option and its argument(s) is often a space or =.

Regards
--

-- 
Hongyi Zhao <hongyi.zhao <at> gmail.com>
Xinjiang Technical Institute of Physics and Chemistry
Chinese Academy of Sciences
GnuPG DSA: 0xD108493
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Hongyi Zhao | 8 May 16:00 2015
Picon

It seems that the ftp repospons is so slow than http.

Hi Daniel,

I running the following two commands:

curl ftp://ftp.cn.debian.org/debian-cd/8.0.0/amd64/iso-cd/debian-8.0.0-amd64-CD-1.iso

and

curl -L http://ftp.cn.debian.org/debian-cd/8.0.0/amd64/iso-cd/debian-8.0.0-amd64-CD-1.iso

It seems the the second one response more fast the first one.  Why the
repospons from ftp for curl is so slow than http?

Regards
--

-- 
Hongyi Zhao <hongyi.zhao <at> gmail.com>
Xinjiang Technical Institute of Physics and Chemistry
Chinese Academy of Sciences
GnuPG DSA: 0xD108493
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Stephen Hawkins | 7 May 03:06 2015

Problems with multi-threaded client and curl easy interface

Hello,

I am developing a Windows application that utilizes multiple threads to upload chunks of data to a receiver.  For this purpose we have utilized the easy interface since it was very easy to get started and works well with the synchronous nature of what we are trying to accomplish with this.  Basically, we want each thread to read a chunk of data from disk, upload it to our “receiver” (which is a Debian linux box with apache pre-fork) which does some integrity check stuff to verify that what we uploaded did indeed arrive in-tact, writes it to disk, and then sends a 200 back to our application to notify it that the selected chunk we uploaded was successful and we can move onto the next one.

The problem I am having is that when I run this application with multiple threads, my transfer speed grinds to a near halt, with sporadic bursts being sent every 30 seconds.  I can look at the logs on the receiver and consistently see periods of inactivity that last for 30 seconds.  Then I see a burst of transfers, which quickly dies back down.  The debugger shows that all of the threads are blocked on a call to select() inside of curl_poll().  It seems like select() continuously returns 0, which causes curl_poll() to be called until select() finally does return something other than 0.  If I run this application with just 1 thread, everything is fine and dandy.  The single thread performs as quickly as it can.  Not surprisingly, if I run this application with threads enabled and I wrap the call to curl_easy_perform() with a mutex, then everything is okay as well.  Any ideas?  I am using version 7.42 of lib curl.  I am using a separate easy handle per thread.  We are NOT using SSL in this instance, though I have taken care to register the SSL locking callbacks needed as the application will eventually do these transfers over SSL.  The following is the code that is performing the transfer:

CURLcode LocalCAxCurl::UpdateData(const unsigned char *bpBuf,

  size_t nBufSize,

  uint64_t nSendOffset,

  const char *pstrFileName,

  long *plResponseCode,

  CURL * ext_curl_handle,

  AxCurlMemoryStruct * UpdateDataServerResponse)

{

long lResponseCode = 0;

int numAttempts = 0;

bool perform = true;

bool setWriteCallback = true;

bool sleep = false;

CURLcode rc = CURLE_OK;

char sendOffsetStr[256];

snprintf(sendOffsetStr, sizeof(sendOffsetStr), "%I64u", nSendOffset);


if (plResponseCode == NULL)

plResponseCode = &lResponseCode;


*plResponseCode = 0;


if (ext_curl_handle == NULL)

return CURLE_FAILED_INIT;


if(bpBuf == NULL || nBufSize == 0) 

return CURLE_READ_ERROR; /* can't continue */


curl_easy_reset(ext_curl_handle);


/* Set global Curl call timeout */

curl_easy_setopt(ext_curl_handle, CURLOPT_TIMEOUT, g_lCurlTimeoutVal);


/* Set maximum number of connections */

//curl_easy_setopt(ext_curl_handle, CURLOPT_MAXCONNECTS, 1);


/* tell it to "upload" to the URL */

curl_easy_setopt(ext_curl_handle, CURLOPT_UPLOAD, 1L);


        /* HTTP PUT please */ 

        curl_easy_setopt(ext_curl_handle, CURLOPT_PUT, 1L);


curl_easy_setopt(ext_curl_handle, CURLOPT_COOKIEFILE, m_strCookiesFile.c_str());

        curl_easy_setopt(ext_curl_handle, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); 

        if(m_bUseHttps)

        {

    curl_easy_setopt(ext_curl_handle, CURLOPT_SSL_VERIFYPEER, FALSE);

        }

        curl_easy_setopt(ext_curl_handle, CURLOPT_FOLLOWLOCATION, 1L);


std::string strUrl;

ConstructUrl(op_update_file, strUrl);

        rc = curl_easy_setopt(ext_curl_handle, CURLOPT_URL, strUrl.c_str());

        if (rc != CURLE_OK)

            return rc;


/* Read memory */

AxCurlMemoryStruct read_mem;

read_mem.memory = (char *)bpBuf;

read_mem.size = nBufSize;


/* set where to read from (on Windows you need to use READFUNCTION too) */

curl_easy_setopt(ext_curl_handle, CURLOPT_READDATA, &read_mem);


/* we want to use our own read function */

        curl_easy_setopt(ext_curl_handle, CURLOPT_READFUNCTION, read_memory_callback);


SetDebug(m_bVerbose);


char szBuf[MAX_PATH << 1];

char *outptr = NULL;

size_t outlen = 0;


        struct curl_slist *slist = NULL;


// add "Axcient-Receiver-Path: %s" to the header

rc = Curl_base64_encode(NULL, pstrFileName, strlen(pstrFileName), &outptr, &outlen);

if (outptr)

{

sprintf(szBuf, g_szFmtHeaderAxReceiverPath, outptr);

slist = curl_slist_append(slist, szBuf);

free(outptr);

outptr = NULL;

}


// add "File-Write-Offset: %llu" to the header

rc = Curl_base64_encode(NULL, sendOffsetStr, strlen(sendOffsetStr), &outptr, &outlen);

if (outptr)

{

sprintf(szBuf, g_szFmtHeaderSendOffset, outptr);

slist = curl_slist_append(slist, szBuf);

free(outptr);

outptr = NULL;

}


// add "Sender-Log-Sizes" to the header

slist = curl_slist_append(slist, g_szFmtHeaderSenderLogSizes);


unsigned char digest[2 * MD5_DIGEST_LEN];

memset(digest, 0, sizeof(digest));

rc = calc_md5_hash(bpBuf, (int)nBufSize, digest, MD5_DIGEST_LEN);

std::string strDigest = ToHexNoSpace(digest, MD5_DIGEST_LEN);


        if (rc != CURLE_OK)

        {

curl_slist_free_all(slist);

        return rc;

        }

// add "Content-MD5: %s" to the header

rc = Curl_base64_encode(NULL, strDigest.c_str(), strDigest.length(), &outptr, &outlen);

if (outptr)

{

sprintf(szBuf, g_szFmtHeaderContentMd5, outptr);

slist = curl_slist_append(slist, szBuf);

free(outptr);

outptr = NULL;

}


rc = curl_easy_setopt(ext_curl_handle, CURLOPT_HTTPHEADER, slist);

        if (rc != CURLE_OK)

{

    curl_slist_free_all(slist);

        return rc;

}


while (perform && numAttempts < m_nSendRetriesCount) {


/* We don't always want to register a write callback.  Only when

* we encounter error 403*/

if (setWriteCallback)

{

/* set where to write our server reponse to */

curl_easy_setopt(ext_curl_handle, CURLOPT_WRITEDATA, UpdateDataServerResponse);


/* we want to use our own write function */

curl_easy_setopt(ext_curl_handle, CURLOPT_WRITEFUNCTION, write_last_response_callback);

}


//WaitForSingleObject(h_mPerformMutex, INFINITE);


/* Perform the Curl call */

rc = curl_easy_perform(ext_curl_handle);


//ReleaseMutex(h_mPerformMutex);

/* Check the Curl return call.  This does NOT mean that the

* HTTP request was successful...*/

if (rc == CURLE_OK)

{

/* Get the http return code */

GetHttpResponseCode(rc, plResponseCode, ext_curl_handle);


switch (*plResponseCode) {

case AX_RSP_CODE_SUCCESS:

perform = false;

break;

case AX_RSP_CODE_BAD_CREDENTIALS:

perform = false;

break;

case AX_RSP_CODE_FORBIDDEN:

/* If we get a "session not initialized" 403, do not retry.  We must exit,

* have the agent call start_snapshot, and be reinvoked for the job to continue*/

if (!setWriteCallback)

{

setWriteCallback = true;

sleep = true;

// decrement once, since we are "wasting" a retry

// to assign the callback function

--numAttempts;

break;

}

else /* write callback has been set, this is the second time in a row we 

  * have gotten 403.  Let's check the response. */

{

if (UpdateDataServerResponse->memory && 

strcmp(UpdateDataServerResponse->memory, g_UpdateFileRSP_NotInit) == 0)

{

/* Session not initialized 403.  do not retry */

perform = false;

}

else

{

/* This is an integrity check failure 403.  Retry */

sleep = true;

}

break;

}

case AX_RSP_CODE_NOT_FOUND:

perform = false;

break;

case AX_RSP_CODE_INTERNAL_SERVER_ERROR: 

// received internal server error - will retry

sleep = true;

break;

default:

/* Unknown http return code.  Do not retry */

perform = false;

break;

}

} else {

/* curl_easy_perform() did not return CURLE_OK.  Sleep and retry */

sleep = true;

}


if (sleep) {

m_tLastAttemptTime = time(NULL);

while (time(NULL) - m_tLastAttemptTime < m_lSendRetriesInterval) {

#ifdef _WIN32

Sleep(100);

#else

sleep(1);

#endif

}

sleep = false;

}

++numAttempts;

} // while


        curl_slist_free_all(slist);


return rc;

}


This thread is invoked by all sending threads, but each thread passes in it’s own easy_handle.
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Hongyi Zhao | 6 May 17:19 2015
Picon

Is it possiable to let the `PROGRESS METER' give precise results upto bytes?

Hi Deniel,

The `PROGRESS METER' of curl also uses `K' and `M' for the data
transfer progess it observed.

can this be controlled by options/switches so that I can always let
`PROGRESS METER' give precise results upto bytes?

Regards
--

-- 
Hongyi Zhao <hongyi.zhao <at> gmail.com>
Xinjiang Technical Institute of Physics and Chemistry
Chinese Academy of Sciences
GnuPG DSA: 0xD108493
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Rohit Nandan | 5 May 07:31 2015
Picon

libcurl fail's to initiate asynchronous DNS requests with c-ares

Hi,

I have build curl and c-ares version 7.33 , 7.35, 7.43 and 1.6, 1.10 respectively from source and tried both the curl command line and programming api where it fails to take --dns-ipv4-addr flag or CURLOPT_DNS_LOCAL_IP4 and perform asynchronous DNS requests. Default build fails with error " (4) A requested feature, protocol or option was not found built-in in this libcurl due to a build-time decision." while a build with ./configure --enable-ares gives no error on terminal but doesn't hits specified DNS server and error as "unable to resolve hostname" when using programming api.

I have tried the very version which had this functionality first time featured(7.33), version available as default package installation in ubuntu 14.04 (7.35) and the latest one from the github repo(7.43).

Am I missing something? as its even reproducible while on windows.

Thanks
Rohit Nandan

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Michael Osipov | 29 Apr 10:04 2015
Picon
Picon

curl writes confusing SSLv2, Unknown...

Hi folks,

I am retrieving a resource from a web server over HTTPS, the connection is
negotiated with TLS 1.2 but I constantly see SSLv2, Unknown (xy) in the verbose
output. See below:

*   Trying <ip>...
* Connected to <hostname> (<ip>) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4: <at> STRENGTH
* successfully set certificate verify locations:
*   CAfile: /usr/local/share/certs/combined-ca.pem
  CApath: none
* TLSv1.2, TLS Unknown, Unknown (22):
} [5 bytes data]
* TLSv1.2, TLS handshake, Client hello (1):
} [512 bytes data]
* SSLv2, Unknown (22):
{ [5 bytes data]
* TLSv1.2, TLS handshake, Server hello (2):
{ [81 bytes data]
* TLSv1.2, TLS handshake, CERT (11):
{ [3296 bytes data]
* TLSv1.2, TLS handshake, Server finished (14):
{ [4 bytes data]
* SSLv2, Unknown (22):
} [5 bytes data]
* TLSv1.2, TLS handshake, Client key exchange (16):
} [262 bytes data]
* SSLv2, Unknown (20):
} [5 bytes data]
* TLSv1.2, TLS change cipher, Client hello (1):
} [1 bytes data]
* SSLv2, Unknown (22):
} [5 bytes data]
* TLSv1.2, TLS handshake, Finished (20):
} [16 bytes data]
* SSLv2, Unknown (20):
{ [5 bytes data]
* TLSv1.2, TLS change cipher, Client hello (1):
{ [1 bytes data]
* SSLv2, Unknown (22):
{ [5 bytes data]
* TLSv1.2, TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / AES128-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*        subject: ...
*        start date: 2014-10-30 14:30:19 GMT
*        expire date: 2015-11-06 14:30:19 GMT
*        common name: <hostname> (matched)
*        issuer: ...
*        SSL certificate verify ok.
* SSLv2, Unknown (23):
} [5 bytes data]
> GET /webapp/path?docid=d9cd03bc-c876-11e4-8f02-00306e5db158&archivid=I3 HTTP/1.1
> Host: <hostname>
> User-Agent: curl/7.42.0
> Accept: */*
>
* SSLv2, Unknown (23):
{ [5 bytes data]
< HTTP/1.1 401 Unauthorized
< Content-Type: text/html
< Server: Kermit
< WWW-Authenticate: Negotiate
< WWW-Authenticate: NTLM
< X-Frame-Options: sameorigin
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Date: Wed, 29 Apr 2015 07:58:44 GMT
< Content-Length: 1293
<
* Ignoring the response-body
{ [1293 bytes data]
* Connection #0 to host <hostname> left intact
* Issue another request to this URL: 'https://<hostname>/webapp/path?docid=d9cd03bc-c876-11e4-8f02-00306e5db158&archivid=I3'
* Found bundle for host <hostname>: 0x28828c50
* Re-using existing connection! (#0) with host <hostname>
* Connected to <hostname> (<ip>) port 443 (#0)
* Server auth using Negotiate with user ''
* SSLv2, Unknown (23):
} [5 bytes data]
> GET /webapp/path?docid=d9cd03bc-c876-11e4-8f02-00306e5db158&archivid=I3 HTTP/1.1
> Host: <hostname>
> Authorization: Negotiate YIIXkgYGKwYBBQUCoIIXhjC...
> User-Agent: curl/7.42.0
> Accept: */*
>
* SSLv2, Unknown (23):
{ [5 bytes data]
< HTTP/1.1 307 Temporary Redirect
< Cache-Control: private
< Content-Length: 0
< Location: https://internal-archive...
< Server: Kermit
< Persistent-Auth: false
< X-Frame-Options: sameorigin
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< WWW-Authenticate: Negotiate oYG3MIG0oAMKAQChCwYJKoZIhv...
< Date: Wed, 29 Apr 2015 07:58:44 GMT
<
* Closing connection 0
* SSLv2, Unknown (21):
} [5 bytes data]
* TLSv1.2, TLS alert, Client hello (1):
} [2 bytes data]

What it is this SSLv2? It looks very confusing.

I use:

curl 7.42.0 (i386-portbld-freebsd9.3) libcurl/7.42.0 OpenSSL/1.0.2a zlib/1.2.8
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz UnixSockets

Thanks,

Michael
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Hongyi Zhao | 29 Apr 07:37 2015
Picon

Requested range is entirely out of the file, but curl still return with exit status of 0.

Hi all,

See the following testings:

$ curl -s -I http://ftp.cn.debian.org/debian/README |
grep '^Content-Length:'
Content-Length: 1495

$ curl -s -r 1600-1700 http://ftp.cn.debian.org/debian/README 2>&1 >/dev/
null

$ echo $?
0

So strange.  In the above case, the requested range is entirely out of
the ranges of the file. But still curl will return will status of 0.

Notes. WRT the curl version for my case, see the following:

$ curl -V
curl 7.42.0-DEV (x86_64-unknown-linux-gnu) libcurl/7.42.0-DEV
OpenSSL/1.0.1e zlib/1.2.7 c-ares/1.9.1 libidn/1.25 libssh2/1.4.2
librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM
NTLM_WB SSL libz TLS-SRP UnixSockets Metalink

Regards
--

-- 
Hongyi Zhao <hongyi.zhao <at> gmail.com>
Xinjiang Technical Institute of Physics and Chemistry
Chinese Academy of Sciences
GnuPG DSA: 0xD108493
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Gmane