curl-library
Re: curl-library Digest, Vol 133, Issue 33
Date: Wed, 5 Oct 2016 08:17:06 -0400
This is in response to Message 1. libcurl cert issue (Joseph Saflin)
(defintion) Message 2 (reply):
Have you tried your server URL with curl directly, and does that work? YES
Try downloading the certificate from the server and run
certutil /verify
on it.
COMPLETED SUCCESSFULLY
First off, I am on a closed network so I can't send the actual messages
received. I have to translate what is occurring.
The compiled code curl httpget works fine for me. It does not work with
any other user.
Also, if I put the rest url in a browser it completes and returns data
successfully from all workstations.
I am now using the "CURLOPTDEBUGFUNCTION". It looks as though it is
failing on the (step 2/3) on the handshake.
My console, which works, says "Info: schannel: encrypted data buffer:
offset 107 length 4096. It then continues to complete the handshake and
complete normally.
Other user console, which DOESN"T work, say "Info: channel: encrypted data
buffer: offset 7 length 4096.
Next line:
schannel: nextInitializeSecurityContext failed: SEC_E_CERT_UNKNOWN
(0x80090327). An unknown error occured while processing the certificate.
Curl_http_done: called premature ==1
Closing connection.
Hope that helps.
On Thu, Sep 29, 2016 at 6:00 AM, <curl-library-request_at_cool.haxx.se> wrote:
> Send curl-library mailing list submissions to
> curl-library_at_cool.haxx.se
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://cool.haxx.se/cgi-bin/mailman/listinfo/curl-library
> or, via email, send a message with subject or body 'help' to
> curl-library-request_at_cool.haxx.se
>
> You can reach the person managing the list at
> curl-library-owner_at_cool.haxx.se
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of curl-library digest..."
>
>
> Today's Topics:
>
> 1. libcurl cert issue (Joseph Saflin)
> 2. Re: libcurl cert issue (Henri Hein)
> 3. RE: SSLv3 mutual authentication using libcurl and smart card
> (Tiago dos Santos Gomes)
> 4. curlopt_seekfunction (Biju N)
> 5. Updating minimum cmake version to 2.8.12 (Ray Satiro)
> 6. libcurl smtp terminates with HELP (Ove Kernell)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 28 Sep 2016 13:22:18 -0400
> From: Joseph Saflin <sflinja_at_gmail.com>
> To: curl-library_at_cool.haxx.se
> Subject: libcurl cert issue
> Message-ID:
> <CADFao-2V6En1HjzJWc+B9e=JGyi7h+v03x0BgTC+OmHrOr4yPg_at_mail.
> gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> I am using libcurl.lib 7.50.3 with Windows SSL support (WINSSL).
>
> I am having an issue with my HTTPS get function.
>
> The error code returned is 35 - SSL connect error.
>
> schannel: nextInitializeSecurityContext failed: SEC_E_CERT_UNKNOWN
> (0x80090327). An
> unknown error occured while processing the certificate.
>
> The code that conducts the get processes for my account, but not anyone
> else. They are all set up identical.
>
> Used the following :
>
> curl_easy_setopt(curl, CURLOPT_URL, tmp_url);
> curl_easy_setopt(curl, CURLOPT_HTTPGET,TRUE);
> curl_easy_setopt(curl, CURLOPT_SSL_OPTIONS, CURLSSOPT_NO_REOVKE);
> curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER,FALSE);
> curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST,FALSE);
>
> Is there something I am missing. I am new to libcurl and SSL.
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://cool.haxx.se/pipermail/curl-library/
> attachments/20160928/23591a16/attachment-0001.html>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 28 Sep 2016 11:44:56 -0700
> From: Henri Hein <henri_at_thinair.com>
> To: libcurl development <curl-library_at_cool.haxx.se>
> Subject: Re: libcurl cert issue
> Message-ID:
> <CAFxQxOO5-yHFPzB+JrrxG_Ky7paCCY_rYPo381mLq_2cbxJ8yw@
> mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> Hi Joseph,
>
> On Wed, Sep 28, 2016 at 10:22 AM, Joseph Saflin <sflinja_at_gmail.com> wrote:
> > schannel: nextInitializeSecurityContext failed: SEC_E_CERT_UNKNOWN
> > (0x80090327). An
> > unknown error occured while processing the certificate.
>
> Unfortunately, that's a pretty generic message. Here are a couple
> of things to try.
>
> Have you tried your server URL with curl directly, and does that work?
>
> Try downloading the certificate from the server and run
> certutil /verify
> on it.
>
> Let us know what you find out.
>
> - Henri
>
>
> ------------------------------
>
> Message: 3
> Date: Wed, 28 Sep 2016 20:12:26 +0000
> From: Tiago dos Santos Gomes <tiago.gomes_at_telematica.com.br>
> To: David Woodhouse <dwmw2_at_infradead.org>, "curl-library_at_cool.haxx.se"
> <curl-library_at_cool.haxx.se>
> Subject: RE: SSLv3 mutual authentication using libcurl and smart card
> Message-ID: <1475093569660.8916_at_telematica.com.br>
> Content-Type: text/plain; charset="iso-8859-1"
>
>
> > I already gave you a reference to the PKCS#11 spec. Now you have a
> > worked example of how a PKCS#11 module gets used in practice, to help
> > you understand and implement it.
>
>
> Well, it looks like I have a lot of work ahead and a lot of material to
> read. But definitely it is a good start!
> Thanks for the help, I will answer with the results as soon as possible.
>
>
> Best Regards,
> Tiago Gomes
>
>
> ------------------------------
>
> Message: 4
> Date: Wed, 28 Sep 2016 14:17:00 -0400
> From: Biju N <bijuatapache_at_gmail.com>
> To: curl-library_at_cool.haxx.se
> Subject: curlopt_seekfunction
> Message-ID:
> <CAO40JLDDp9eJNTVsqxirhEL_7DyfpnEfZtwTVcfSe3Y8naRBAg@
> mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Hello There,
> If you have defined and used curlopt_seekfunction, could you please
> share a sample. Currently I am trying to pass the values from the call back
> to "fseek" by casting the void* and offset without success.
>
> void* is cast to file* and offset to int. Not sure whether that is the
> correct approach. Any help with this is much appreciated.
>
> Thanks,
> Biju
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://cool.haxx.se/pipermail/curl-library/
> attachments/20160928/1c7e834a/attachment-0001.html>
>
> ------------------------------
>
> Message: 5
> Date: Thu, 29 Sep 2016 02:16:41 -0400
> From: Ray Satiro <raysatiro_at_yahoo.com>
> To: libcurl development <curl-library_at_cool.haxx.se>
> Subject: Updating minimum cmake version to 2.8.12
> Message-ID: <888312cf-0b3f-7239-dc8f-65752f555657_at_yahoo.com>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> If you are building libcurl using cmake, are you using a version earlier
> than 2.8.12? There is a discussion [1] about updating the minimum
> required cmake version to 2.8.12 because it is easier to maintain and
> improve. The arguments made in support of this seem reasonable. Does
> anyone object?
>
> [1]: https://github.com/curl/curl/issues/1010
>
>
>
> ------------------------------
>
> Message: 6
> Date: Thu, 29 Sep 2016 09:56:55 +0200
> From: Ove Kernell <ove.kernell_at_oksab.se>
> To: <curl-library_at_cool.haxx.se>
> Subject: libcurl smtp terminates with HELP
> Message-ID: <024d01d21a27$0c4e23e0$24ea6ba0$@oksab.se>
> Content-Type: text/plain; charset="utf-8"
>
> Hello,
>
> Trying to send mail with libcurl I get the following SMTP session logged:
>
> 0000: 220 xxxx.se ESMTP MDaemon 13.6.0; Thu, 29 Sep 2016 09:24:49 +02
>
> 0040: 00
>
> 2016/09/29 09:24:50.876: => Send header (data-size: 12/0x000C)
>
> 0000: EHLO XXXXX
>
> 2016/09/29 09:24:50.876: <= Recv header (data-size: 47/0x002F)
>
> 0000: 250-tvlab.se Hello XXXXX, pleased to meet you
>
> 2016/09/29 09:24:50.876: <= Recv header (data-size: 10/0x000A)
>
> 0000: 250-ETRN
>
> 2016/09/29 09:24:50.876: <= Recv header (data-size: 31/0x001F)
>
> 0000: 250-AUTH LOGIN CRAM-MD5 PLAIN
>
> 2016/09/29 09:24:50.876: <= Recv header (data-size: 14/0x000E)
>
> 0000: 250-8BITMIME
>
> 2016/09/29 09:24:50.876: <= Recv header (data-size: 10/0x000A)
>
> 0000: 250 SIZE
>
> 2016/09/29 09:24:50.876: => Send header (data-size: 6/0x0006)
>
> 0000: HELP
>
> 2016/09/29 09:24:50.876: <= Recv header (data-size: 36/0x0024)
>
> 0000: 214 Help system currently inactive
>
> 2016/09/29 09:24:50.876: Connection #0 to host 192.71.73.36 left intact
>
>
>
> What are the possible causes for libcurl to decide to send HELP? Is it a
> signal of libcurl considering an error has occurred
>
> and does libcurl act on the reply?
>
> I see sessions logged from other clients (non-libcurl) and they start
> exactly the same but instead of HELP they proceed with
>
> MAIL FROM after the reply from EHLO.
>
> Regards Ove
>
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://cool.haxx.se/pipermail/curl-library/
> attachments/20160929/769a082f/attachment-0001.html>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> curl-library mailing list
> curl-library_at_cool.haxx.se
> https://cool.haxx.se/cgi-bin/mailman/listinfo/curl-library
>
>
> ------------------------------
>
> End of curl-library Digest, Vol 133, Issue 33
> *********************************************
>
-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-10-05