cURL / Mailing Lists / curl-users / Single Mail

curl-users

curl: (52) Empty reply from server

From: Ajay <stealthu471_at_gmail.com>
Date: Sun, 20 May 2012 15:30:11 -0700

Hello Daniel,

Thanks for replying to my earlier message. I did not enable the option of
receiving e-mail from this mailing list.. I thought that I could read the
reply and also send reply to the thread online, instead of receiving it in
my inbox. Therefore, instead of replying to your thread, I am creating a
new message as I did not receive your reply in my inbox. Sorry for
duplicating part of the message. I have now changed the necessary option in
my account.

Previously and now , I had typed the following commands

curl -v https://www.wellsfargo.com
curl -v https://www.bankofamerica.com

Both of them worked fine, i.e I get proper code in the reply.

But, when I type
curl -v https://www.tvg.com

I am still getting the error mentioned below, which is same as earlier,
even after updating my NSS using
yum upgrade nss

Please help me by giving me hints about how to solve this problem.

Thanks,
Ajay

I am getting the following message now.

"* About to connect() to www.tvg.com port 443 (#0)
* Trying 208.88.35.20... connected
* Connected to www.tvg.com (208.88.35.20) port 443 (#0)
* Initializing NSS with certpath: /etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_RSA_WITH_AES_128_CBC_SHA
* Server certificate:
* subject: CN=www.tvg.com,OU=Engineering,O=T V G,L=Beaverton,ST=Oregon,C=US
* start date: Oct 14 00:00:00 2011 GMT
* expire date: Oct 22 23:59:59 2016 GMT
* common name: www.tvg.com
* issuer: CN=Thawte SSL CA,O="Thawte, Inc.",C=US
> GET / HTTP/1.1
> User-Agent: curl/7.21.0 (i386-redhat-linux-gnu) libcurl/7.21.0 NSS/
3.12.10.0 zlib/1.2.5 libidn/1.18 libssh2/1.2.4
> Host: www.tvg.com
> Accept: */*
>
* Empty reply from server
* Connection #0 to host www.tvg.com left intact
curl: (52) Empty reply from server
* Closing connection #0"

This was your earlier reply.

"On Thu, 17 May 2012, Ajay wrote:

*> * Connected to www.tvg.com (208.88.35.20) port 443 (#0) *

...

*>> GET / HTTP/1.1 *
*>> User-Agent: curl/7.21.0 (i386-redhat-linux-gnu) libcurl/7.21.0 NSS/ *
*> 3.12.10.0 zlib/1.2.5 libidn/1.18 libssh2/1.2.4 *
*>> Host: www.tvg.com *
*>> Accept: */* *
*>> *
*> * Empty reply from server *

This means curl got no error reported from the SSL library (NSS) but it
didn't
get any response from the HTTPS server and that is an error.

*> I searched curl-users archive regarding this type of reply and I found
the *
*> following thread that mentions about "Unpatched client and patched
OpenSSL *
*> server" http://curl.haxx.se/mail/archive-2010-12/0004.html *

That's one case showing the same symptom, yes, but we can't tell if the
reasons are the same.

*> As mentioned in the above URL, I do not know how to set the parameter *
*> "SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION" Could anyone of you please
help *
*> me how to set this parameter, if this is the solution or suggest an *
*> alternative way of solving the problem. *

I believe that is an OpenSSL option and A) it would require a rebuild to
fix
and B) your current curl doesn't even use OpenSSL but NSS... and as I said,
we
don't even know that is the reason for the problem.

*> I tried executing the same curl command with other https website and I
am *
*> getting a non-empty response. *

That sounds like a more fundamental problem with your NSS library then. Is
there _any_ HTTPS site that works for you?

*> I am getting the following output *
*> OpenSSL 1.0.0e-fips 6 Sep 2011 *

Your curl runs NSS so the OpenSSL version isn't relevant here...

-- 
  / daniel.haxx.se"

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-05-21