Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: Understanding the process in which curl access HTTPS server
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Ray Satiro via curl-users <curl-users_at_cool.haxx.se>
Date: Sat, 3 Apr 2021 23:33:38 -0400
On 4/3/2021 9:53 PM, Peng Yu wrote:
> On Sat, Apr 3, 2021 at 12:51 PM Ray Satiro via curl-users
> <curl-users_at_cool.haxx.se> wrote:
>> On 4/3/2021 9:46 AM, Peng Yu via curl-users wrote:
>>> I see here is the detail on how curl access https. I also showed how
>>> to access it via openssl. But it is not clear how the steps of two
>>> processes match each other. Could anybody help understand the detail?
>>> Thanks.
>> I don't understand the question, can you be more specific?
> For example, curl lists those. What openssl output does each row match?
>
> * ALPN, offering h2
> * ALPN, offering http/1.1
> * successfully set certificate verify locations:
> * CAfile: /usr/local/etc/openssl_at_1.1/cert.pem
> * CApath: /usr/local/etc/openssl_at_1.1/certs
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> * TLSv1.3 (IN), TLS handshake, Server hello (2):
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
> * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
> * TLSv1.2 (IN), TLS handshake, Finished (20):
That is verbose output that comes from curl. Most of it is TLS protocol
messages that come from the ossl_trace callback [1] which is called by
OpenSSL. Basically curl is responsible for outputting the messages from
OpenSSL. So the output is not from OpenSSL directly.
[1]:
https://github.com/curl/curl/blob/curl-7_76_0/lib/vtls/openssl.c#L2076-L2181
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2021-04-04
Date: Sat, 3 Apr 2021 23:33:38 -0400
On 4/3/2021 9:53 PM, Peng Yu wrote:
> On Sat, Apr 3, 2021 at 12:51 PM Ray Satiro via curl-users
> <curl-users_at_cool.haxx.se> wrote:
>> On 4/3/2021 9:46 AM, Peng Yu via curl-users wrote:
>>> I see here is the detail on how curl access https. I also showed how
>>> to access it via openssl. But it is not clear how the steps of two
>>> processes match each other. Could anybody help understand the detail?
>>> Thanks.
>> I don't understand the question, can you be more specific?
> For example, curl lists those. What openssl output does each row match?
>
> * ALPN, offering h2
> * ALPN, offering http/1.1
> * successfully set certificate verify locations:
> * CAfile: /usr/local/etc/openssl_at_1.1/cert.pem
> * CApath: /usr/local/etc/openssl_at_1.1/certs
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> * TLSv1.3 (IN), TLS handshake, Server hello (2):
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
> * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
> * TLSv1.2 (IN), TLS handshake, Finished (20):
That is verbose output that comes from curl. Most of it is TLS protocol
messages that come from the ossl_trace callback [1] which is called by
OpenSSL. Basically curl is responsible for outputting the messages from
OpenSSL. So the output is not from OpenSSL directly.
[1]:
https://github.com/curl/curl/blob/curl-7_76_0/lib/vtls/openssl.c#L2076-L2181
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2021-04-04