curl / Mailing Lists / curl-users / Single Mail

curl-users

ssl failure, MITM attack?

From: David Niklas <doark_at_mail.com>
Date: Wed, 1 Feb 2017 12:10:12 -0500

Hello,
I wanted to get a link from a US gov website. firefox was taking all
eternity, so I decided to use curl.
My system clock is set correctly, I have an up-to-date system, with
associated up-to-date certs.
My problem is that I had to try downloading three times before I got the
file. The first had the below error, the second stopped part way through.
I'm curious to know if I'm being MITM attacked.

Linux ulgy_thing 4.4.39-gentoo-nopreempt-dav2 #1 SMP Thu Dec 22 16:14:17
UTC 2016 x86_64 Intel(R) Pentium(R) CPU 2117U @ 1.80GHz GenuineIntel
GNU/Linux

My curl version is:

curl 7.52.1 (x86_64-pc-linux-gnu) libcurl/7.52.1 OpenSSL/1.0.2j
zlib/1.2.11 libidn2/0.11 libssh2/1.7.0 nghttp2/1.10.0 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s
rtmp rtsp scp sftp smtp smtps telnet tftp Features: AsynchDNS IDN IPv6
Largefile GSS-API Kerberos SPNEGO NTLM SSL libz TLS-SRP HTTP2 UnixSockets
HTTPS-proxy Metalink

% curl -vD- -o Downloads/2016-24888.pdf
https://www.gpo.gov/fdsys/pkg/FR-2016-10-17/pdf/2016-24888.pdf
% Total % Received
% Xferd Average Speed Time Time Time Current Dload Upload
Total Spent Left Speed 0 0 0 0 0 0 0 0
--:--:-- --:--:-- --:--:--
0*
Trying 162.140.14.20...
* TCP_NODELAY set
* Connected to www.gpo.gov (162.140.14.20) port 443 (#0)
  0 0 0 0 0 0 0 0 --:--:-- 0:00:01
--:--:--
0*
ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection:
ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [91 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [3517 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [333 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
  0 0 0 0 0 0 0 0 --:--:-- 0:00:11
--:--:--
0*
Unknown SSL protocol error in connection to www.gpo.gov:443
* Curl_http_done: called premature == 1
* stopped the pause stream!
  0 0 0 0 0 0 0 0 --:--:-- 0:00:12
--:--:-- 0
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to www.gpo.gov:443
% echo $?
35
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-02-01