cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Https login problem - cipher?

From: Dan Fandrich <dan_at_coneharvesters.com>
Date: Sat, 23 May 2015 11:42:44 +0200

On Sat, May 23, 2015 at 12:42:57AM +0200, Adrián Mihálko wrote:
> I am trying to logon on a https secure site and execute a command. It works nicely on Yosemite 10.10.3:
>
> -MacBook$ curl -V
> curl 7.37.1 (x86_64-apple-darwin14.0) libcurl/7.37.1 SecureTransport zlib/1.2.5
> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
> Features: AsynchDNS GSS-Negotiate IPv6 Largefile NTLM NTLM_WB SSL libz
>
> Connection log: http://pastebin.com/6C2VRJ59
>
> On Ubuntu:
>
> madrian_at_ubuntu:~$ curl -V
> curl 7.42.1 (x86_64-unknown-linux-gnu) libcurl/7.42.1 OpenSSL/1.0.1f zlib/1.2.8
> Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
> Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP UnixSockets
>
> Connection log Ubuntu: http://pastebin.com/A56tzgs0
>
> It connects on Ubuntu too, but it is not logged in (I get the login page source). On Yosemite the login is success + the command what I send is executed. The only difference I see is that Yosemite use * TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384while Ubuntu is something different. I am tried to set -ciphers TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 on Ubuntu, but I get error:
>
> curl: (59) failed setting cipher list: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

You don't provide any information on how you're "logging in" to the site. One
big difference I see is that the working (Mac) version has GSS-Negotiate
support enabled whereas the nonworking (Ubuntu) curl does not. If login is done
with Kerberos, that would explain it. Compare the verbose debug output of the
working and non-working versions to see where they differ. If both versions
actually connect, then it's extremely unlikely to be anything to do with SSL.

>>> Dan
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-05-23

This message: [ Message body ]
Next message: Sourin Maiti: "Need Help"
Previous message: Adrián Mihálko: "Https login problem - cipher?"
In reply to: Adrián Mihálko: "Https login problem - cipher?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]