Chaps,

If anyone can help, that would be awesome! Kinda flailing a little here.
$boss did some curl to talk to a 1&1 Exchange server (2010 I think). His
script worked fine on curl 7.32, it seems to negotiate SSLv3:

* About to connect() to 1.exchange.1and1.eu port 443 (#0)
* Trying 217.160.154.197...
* Adding handle: conn: 0x7fdda1808400
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7fdda1808400) send_pipe: 1, recv_pipe: 0
* Connected to 1.exchange.1and1.eu (217.160.154.197) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES256-SHA
* Server certificate:
* subject: C=DE; O=1&1 Internet AG; ST=Rhineland-Palatinate;
L=Montabaur; emailAddress=server-certs_at_1und1.de; CN=1.exchange.1and1.eu
* start date: 2014-04-28 08:05:43 GMT
* expire date: 2017-05-03 23:59:59 GMT
* subjectAltName: 1.exchange.1and1.eu matched
* issuer: C=DE; O=T-Systems International GmbH; OU=T-Systems Trust
Center; ST=Nordrhein Westfalen; postalCode=57250; L=Netphen; street=Untere
Industriestr. 20; CN=TeleSec ServerPass DE-2
* SSL certificate verify ok.
* Server auth using NTLM with user 'him_at_crowdca.lc'
> POST /EWS/Exchange.asmx HTTP/1.1
> Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
> User-Agent: curl/7.32.0

etc.

However, my Mac and Ubuntu VMs on 7.37.1 (and also compiled latest) seem to
decide that TLS is the way forward and fail horribly:

* Hostname was NOT found in DNS cache
* Trying 217.160.154.197...
* Connected to 1.exchange.1and1.eu (217.160.154.197) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
* Server certificate: 1.exchange.1and1.eu
* Server certificate: TeleSec ServerPass DE-2
* Server certificate: Deutsche Telekom Root CA 2
* Server auth using NTLM with user 'him_at_crowdca.lc'
> POST /EWS/Exchange.asmx HTTP/1.1
> Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
> User-Agent: curl/7.37.1
> Accept: */*
> x-lwp-version: 6.08
> x-xml-libxml-version: 2.0105
> x-xml-compile-version: 1.47
> x-xml-compile-cache-version: 1.02
> x-xml-compile-soap-version: 3.05
> Host: 1.exchange.1and1.eu
> Content-Type: text/xml; charset=utf-8
> soapaction: "
http://schemas.microsoft.com/exchange/services/2006/messages/GetFolder"
>
< HTTP/1.1 411 Length Required
< Content-Type: text/html; charset=us-ascii
* Server Microsoft-HTTPAPI/2.0 is not blacklisted
< Server: Microsoft-HTTPAPI/2.0
< Date: Thu, 27 Nov 2014 17:40:10 GMT
< Connection: close
< Content-Length: 344
<
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""
http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Length Required</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html;
charset=us-ascii"></HEAD>
<BODY><h2>Length Required</h2>
<hr><p>HTTP Error 411. The request must be chunked or have a content
length.</p>
</BODY></HTML>
* Closing connection 0

This is just for a proof of concept. Is there a way of getting the more
recent version to do what the old one did? I've tried switches like -3 and
coercing ciphers but no no avail.

TIA!

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-11-28