curl-library

RE: Problems with curl tool

From: Gioffredi, Pompea <Pompea.Gioffredi_at_getronics.com>
Date: Wed, 12 Mar 2003 15:13:17 +0100

Thanks for the suggestion.

I think I have problems with the openssl/curl version because the command
"openssl s_client -connect www.openssl.org:443 -showcerts" returns with a
"10060 connect error".

The problem is knowing how I can do an HTTP handshake manually, because
I don't know how to initiate an SSL connection.
I have no experience with SSL connections, but I think that the logical
steps for an SSL handshake are the following:
- The client connects to a secure server
- The secure server sends its own certificate to the client
- The client creates in some way a "session key" and encrypts it with
the server's public key
- The server verifies with its own private key
- If everything is OK, the handshake is terminated and client/server can
communicate with each other.

If the process is OK, how can I perform the previous steps with 'libcurl'
or with other libraries (for example the Windows 'WinHTTP' service)?

Thanks

Pompea Gioffredi
eSecurity Consultant
 I.D.I. Security Practice

Getronics S.p.A.
C.da La Marchesa - Km 8.48
70020 Bitritto (BA) - ITALY
Tel. +39 80 3855410
Fax +39 80 6352089
www.getronics.it

-----Original Message-----
From: Gotz Babin-Ebell [mailto:babin-ebell_at_trustcenter.de]
Sent: Wednesday 12 March 2003 11.59
To: curl-library_at_lists.sourceforge.net
Subject: Re: Problems with curl tool

Hello,

Gioffredi, Pompea wrote:

> I attempt to connect to a secure server (openssl.org) but the 'curl'
> tool returns with an error (7: connection failed).
> The command is "curl https://www.openssl.org".
> The response doesn't change if I launch the command with the ssl
> version (curl -3/-2 https://www.openssl.org)

??
I have only a very old version (7.9.5) but I can connect successfully.

> Can anyone tell me how to initiate a secure connection with a secure
> server?
> (i.e. if I call the 'curl' tool, should the server certificate be the
> first response of the server?)

You can use openssl as a very basic tool:

openssl s_client -connect www.openssl.org:443 -showcerts

But you have to do the HTTP handshake manually...

Bye

Goetz

-- 
Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0,  Fax: +49-(0)40 80 80 26 -126
Received on 2003-03-12
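
An added example, not part of the original thread or of curl/OpenSSL: a small Python probe that reports whether a connection attempt fails at the TCP connect stage (the stage that curl's error 7 and Winsock's 10060 timeout refer to) or later, during the TLS handshake itself. The names `probe` and `local_demo` and the two loopback targets are constructed for this illustration.

```python
import socket
import ssl
import threading


def probe(host, port, timeout=3.0):
    """Return (stage, detail); stage is 'tcp', 'tls' or 'ok'."""
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        # Refused, timed out or unreachable: no TLS byte was ever sent.
        return "tcp", f"{type(exc).__name__}: {exc}"
    ctx = ssl.create_default_context()  # verifies chain and host name
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return "ok", f"{tls.version()} {tls.cipher()[0]}"
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        raw.close()
        return "tls", f"{type(exc).__name__}: {exc}"


def local_demo():
    """Probe two constructed loopback targets so the example runs offline."""
    tmp = socket.socket()
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()  # nothing listens here any more

    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def plain_http():  # answers the ClientHello with clear-text HTTP
        conn, _ = srv.accept()
        conn.recv(4096)
        conn.sendall(b"HTTP/1.0 400 Bad Request\r\n\r\n")
        conn.close()

    worker = threading.Thread(target=plain_http, daemon=True)
    worker.start()
    stages = (probe("127.0.0.1", closed_port)[0],
              probe("127.0.0.1", srv.getsockname()[1])[0])
    worker.join(2)
    srv.close()
    return stages


if __name__ == "__main__":
    print(local_demo())  # constructed targets; use probe(host, 443) for a real host
```

A "tcp" result points at routing, firewall or proxy settings rather than at the SSL library; only a "tls" result involves certificates or protocol versions.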