Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
help - libcurl frozen when retrieve token from microsoft cognitive api
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Hua-Tong Shi via curl-library <curl-library_at_lists.haxx.se>
Date: Mon, 21 Aug 2023 10:22:05 +0000
I referred to the curl sample and wrote the following program.
```C
#include <ctype.h>
#include <curl/curl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
struct data {
char trace_ascii; /* 1 or 0 */
};
struct MemoryStruct {
char *memory;
size_t size;
};
static void dump(const char *text, FILE *stream, unsigned char *ptr, size_t size, char nohex)
{
size_t i;
size_t c;
unsigned int width = 0x10;
if (nohex) /* without the hex output, we can fit more on screen */
width = 0x40;
fprintf(stream, "%s, %10.10lu bytes (0x%8.8lx)\n", text, (unsigned long)size, (unsigned long)size);
for (i = 0; i < size; i += width) {
fprintf(stream, "%4.4lx: ", (unsigned long)i);
if (!nohex) {
/* hex not disabled, show it */
for (c = 0; c < width; c++)
if (i + c < size)
fprintf(stream, "%02x ", ptr[i + c]);
else
fputs(" ", stream);
}
for (c = 0; (c < width) && (i + c < size); c++) {
/* check for 0D0A; if found, skip past and start a new line of output */
if (nohex && (i + c + 1 < size) && ptr[i + c] == 0x0D && ptr[i + c + 1] == 0x0A) {
i += (c + 2 - width);
break;
}
fprintf(stream, "%c", (ptr[i + c] >= 0x20) && (ptr[i + c] < 0x80) ? ptr[i + c] : '.');
/* check again for 0D0A, to avoid an extra \n if it's at width */
if (nohex && (i + c + 2 < size) && ptr[i + c + 1] == 0x0D && ptr[i + c + 2] == 0x0A) {
i += (c + 3 - width);
break;
}
}
fputc('\n', stream); /* newline */
}
fflush(stream);
}
static int my_trace(CURL *handle, curl_infotype type, char *data, size_t size, void *userp)
{
struct data *config = (struct data *)userp;
const char *text;
(void)handle; /* prevent compiler warning */
switch (type) {
case CURLINFO_TEXT:
fprintf(stderr, "== Info: %s", data);
/* FALLTHROUGH */
default: /* in case a new one is introduced to shock us */
return 0;
case CURLINFO_HEADER_OUT:
text = "=> Send header";
break;
case CURLINFO_DATA_OUT:
text = "=> Send data";
break;
case CURLINFO_SSL_DATA_OUT:
text = "=> Send SSL data";
break;
case CURLINFO_HEADER_IN:
text = "<= Recv header";
break;
case CURLINFO_DATA_IN:
text = "<= Recv data";
break;
case CURLINFO_SSL_DATA_IN:
text = "<= Recv SSL data";
break;
}
dump(text, stderr, (unsigned char *)data, size, config->trace_ascii);
return 0;
}
static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
{
size_t realsize = size * nmemb;
struct MemoryStruct *mem = (struct MemoryStruct *)userp;
char *ptr = realloc(mem->memory, mem->size + realsize + 1);
if (!ptr) {
/* out of memory! */
printf("not enough memory (realloc returned NULL)\n");
return 0;
}
mem->memory = ptr;
memcpy(&(mem->memory[mem->size]), contents, realsize);
mem->size += realsize;
mem->memory[mem->size] = 0;
return realsize;
}
int main(void)
{
CURL *curl_ptr = NULL;
struct data config;
struct MemoryStruct chunk;
struct curl_slist *headers_ptr = NULL;
char subscriptionHeader[128];
CURLcode res;
config.trace_ascii = 1; /* enable ascii tracing */
chunk.memory = malloc(1); /* will be grown as needed by realloc above */
chunk.size = 0; /* no data at this point */
curl_ptr = curl_easy_init();
if (curl_ptr) {
headers_ptr = curl_slist_append(headers_ptr, "Content-Length: 0");
snprintf(subscriptionHeader, 128, "%s: %s", "Ocp-Apim-Subscription-Key", "My-Key");
headers_ptr = curl_slist_append(headers_ptr, subscriptionHeader);
curl_easy_setopt(curl_ptr, CURLOPT_URL, "https://eastasia.api.cognitive.microsoft.com/sts/v1.0/issueToken");
curl_easy_setopt(curl_ptr, CURLOPT_POST, 1L);
if (NULL != headers_ptr) {
curl_easy_setopt(curl_ptr, CURLOPT_HTTPHEADER, headers_ptr);
}
curl_easy_setopt(curl_ptr, CURLOPT_DEBUGFUNCTION, my_trace);
curl_easy_setopt(curl_ptr, CURLOPT_DEBUGDATA, &config);
/* the DEBUGFUNCTION has no effect until we enable VERBOSE */
curl_easy_setopt(curl_ptr, CURLOPT_VERBOSE, 1L);
/* send all data to this function */
curl_easy_setopt(curl_ptr, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
/* we pass our 'chunk' struct to the callback function */
curl_easy_setopt(curl_ptr, CURLOPT_WRITEDATA, (void *)&chunk);
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl_ptr);
curl_slist_free_all(headers_ptr);
/* Check for errors */
if (res != CURLE_OK) {
fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res));
} else {
/*
* Now, our chunk.memory points to a memory block that is chunk.size
* bytes big and contains the remote file.
*
* Do something nice with it!
*/
printf("%s\n", chunk.memory);
}
/* always cleanup */
curl_easy_cleanup(curl_ptr);
}
free(chunk.memory);
curl_global_cleanup();
return 0;
}
```
But the program freezes and the log is as follows.
```bash
root_at_db4f56f11d6f:/# gcc get_token.c -o get_token -lcurl
root_at_db4f56f11d6f:/# ./get_token
== Info: Trying 20.205.69.100:443...
== Info: Connected to eastasia.api.cognitive.microsoft.com (20.205.69.100) port 443 (#0)
== Info: ALPN, offering h2
== Info: ALPN, offering http/1.1
== Info: CAfile: /etc/ssl/certs/ca-certificates.crt
== Info: CApath: /etc/ssl/certs
== Info: TLSv1.0 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 0000000512 bytes (0x00000200)
0000: ......Es}.w....j=^..R..I.h....Z....lOY .....4.d..L....\.......&4
0040: ._,SiE..>.......,.0.........+./...$.(.k.#.'.g.....9.....3.....=.
0080: <.5./.....u...).'..$eastasia.api.cognitive.microsoft.com........
00c0: ..........................3t.........h2.http/1.1.........1.....*
0100: .(.........................................+........-.....3.&.$.
0140: .. w........B.].......<...M'..e*w'7.............................
0180: ................................................................
01c0: ................................................................
== Info: TLSv1.2 (IN), TLS header, Certificate Status (22):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 0000000098 bytes (0x00000062)
0000: ...^..d.6A........|....jP......~.n6u.. >...Z..,.3A]Q....G.5.f.A&
0040: ._at_o.....0..........h2.............
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 0000003808 bytes (0x00000ee0)
0000: ..........0...0..........3....7!6C.D........0...*.H........0Y1.0
0040: ...U....US1.0...U....Microsoft Corporation1*0(..U...!Microsoft A
0080: zure TLS Issuing CA 020...230720152207Z..240627235959Z0{1.0...U.
00c0: ...US1.0...U....WA1.0...U....Redmond1.0...U....Microsoft Corpora
0100: tion1-0+..U...$eastasia.api.cognitive.microsoft.com0.."0...*.H..
0140: ...........0...........s..P(Pff.v.?w*..w...c...6.....I.a........
0180: ...}.....L0.VO,./.*....r....._..-..-.X......3C........2..A.!.0..
01c0: .tD..4.S!....?..;.p+/..[.>.4..rcg.......?..3t....8.g...4f.}0.]D>
0200: ..m.m..):.Q....oL..n....i.......#w8%a?...h.Wt .. Cb..XY......<.-
0240: ...-..[.#.\..... V..........u0..q0..~..+.....y......n...j.h.w...
0280: .d.....\......2.F|....QHYFq.......s........H0F.!.....}..q.%.+>.
02c0: 8..?P.L.*......N..!....#......_at_6.ABE....,+.4k.T!.....u.H..k..G4.
0300: .j...0..R..V.,.....9..s....s........F0D. [4yd.....z..r...'.....L
0340: k.:.z..$.. '..$o.9Af..!"...a.n.a...2....qK..v....k?.."....\k.p.q
0380: l.Q..4..=0H.......s..).....G0E. ....+....$.......|&..1/b...1....
03c0: .!......cM.....8..m..$.1.e..W..4.^.0'..+.....7....0.0...+.......
0400: 0...+.......0<..+.....7.../0-.%+.....7.........F...........]...i
0440: ...>..d..&0....+..........0..0m..+.....0..ahttp://www.microsoft.
0480: com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-
04c0: %20xsign.crt0-..+.....0..!http://oneocsp.microsoft.com/ocsp0...U
0500: ............BK.X.p.=......0...U...........0....U.....0.$eastasi
0540: a.api.cognitive.microsoft.com.$eastasia.dev.cognitive.microsoft.
0580: com..*.cognitiveservices.azure.com..*.openai.azure.com0...U.....
05c0: ..0.0d..U...]0[0Y.W.U.Shttp://www.microsoft.com/pkiops/crl/Micro
0600: soft%20Azure%20TLS%20Issuing%20CA%2002.crl0f..U. ._0]0Q..+.....7
0640: L.}..0A0?..+........3http://www.microsoft.com/pkiops/Docs/Reposi
0680: tory.htm0...g.....0...U.#..0.......!b&...y.aA.`.bg.0...U.%..0...
06c0: +.........+.......0...*.H.............I.....!Lu:.F"w....O.....'0
0700: [0....~.%t.H."...........j3.....&I!.+4....&......{..#......R.N'
0740: V...<.....=.].iB9ne.... ..C.$..........I=.....F.g....Xv.5.}>...
0780: 6....3.wC+V)...-.^..t. 3S......Y.h..7.z...z......v]y)2......#p`.
07c0: ......6.=....S.=..,....u.d.....|.f...MF.|<r9.-..jY..p..ioe.-2.(.
0800: .....3.`.Hx.....p..%.....C.%..<....2 1.|.Q.~."....7...|..=.....Z
0840: ...z..6z...H;ck?....{...U.>..vE...9~G...p....D...u|9....C..~.ooh
0880: j.6.....g=Y...?...:.(....m.G.:|.=`+.O.A...K.....C..i.......=...n
08c0: xP..:.w.r...._gK........<.+.$....\.......0...0...........j.|....
0900: ......2.0...*.H........0a1.0...U....US1.0...U....DigiCert Inc1.0
0940: ...U....www.digicert.com1 0...U....DigiCert Global Root G20...20
0980: 0729123000Z..240627235959Z0Y1.0...U....US1.0...U....Microsoft Co
09c0: rporation1*0(..U...!Microsoft Azure TLS Issuing CA 020.."0...*.H
0a00: .............0.........b;R..N.....bd........-...#l.R.<.Z..Ph....
0a40: .....)a2!.5....O.I..L.......F.(.....*.As.........Y.#....b."+....
0a80: .?..q....k4..#(..$.K.e..].C.V...C).C&...I....P...U.M..8.+!.]....
0ac0: .8t..+/.9..y......!....h*......;x.y.$ XC..s~....f..1J...I,.O.'..
0b00: ..K..........O...?......m.'.$V.4.%C...X]......%.#....p.....'...z
0b40: .n.?...tX.A._at_...+....P9....5.JX...PQ.l..g....m...~....A..Af_at_.Wy.
0b80: ..W....7..u}._.b..-n.Jjqd..\L.9{S.l.W.$ ...1{....m.\./T...-O....
0bc0: .o.l...Q....J..-Xa....U....K.:'&tfJ...S..*.."\.d.:..X.3^..Zp...i
0c00: ."B...PW8...c".`i..o..........0...0...U..........!b&...y.aA.`.b
0c40: g.0...U.#..0...N"T ....n..........90...U...........0...U.%..0...
0c80: +.........+.......0...U.......0.......0v..+........j0h0$..+.....
0cc0: 0...http://ocsp.digicert.com0_at_..+.....0..4http://cacerts.digicer
0d00: t.com/DigiCertGlobalRootG2.crt0{..U...t0r07.5.3.1http://crl3.dig
0d40: icert.com/DigiCertGlobalRootG2.crl07.5.3.1http://crl4.digicert.c
0d80: om/DigiCertGlobalRootG2.crl0...U. ..0.0...g.....0...g.....0...+.
0dc0: ....7.......0...*.H.............3....c.M..An..:.. S....G.e..G_7.
0e00: ~.JAZ.a..B.....&J..:O..O..~W/l..RAV.P.tA..,y.m~..q1...X.x.N.....
0e40: NC..Y.aF..<..<aG_at_.....E.."..Y=B.X."wV.AS9..R.(...N....R....t>K.
0e80: ....r.{..l...=g.9q..nw....'..^...l..v.?...?..=.n/A,;s .-..%.5zy.
0ec0: [..7)A.T...........'w.....hN..^.
== Info: TLSv1.2 (IN), TLS handshake, Server key exchange (12):
<= Recv SSL data, 0000000365 bytes (0x0000016d)
0000: ...i...a...#9V.p....".h..(a8.6.Jp..........Z..bd.9.E.^..p_at_X.o...
0040: $hU.+....-...e..,2b..C*O.3.ql........._l.....L.R.c.Qw.{...1l.M..
0080: ......k.\A..........I3....T.}..3.....^...,.a)..7X.lfk`..>i.i)T.
00c0: SZj>.i....2.N%.Z.......OM...3.........T..X.i.~...y..gy..qLxz..,
0100: ....C....6;.*......=......{Mw.mk.E:'....."...S.)/...B......(.s".
0140: _at_~.b...._....4G=.g........P...'Rh...BM 'B.Y>
== Info: TLSv1.2 (IN), TLS handshake, Server finished (14):
<= Recv SSL data, 0000000004 bytes (0x00000004)
0000: ....
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....f
== Info: TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
=> Send SSL data, 0000000102 bytes (0x00000066)
0000: ...ba.........V.!.(..=QK..L. j.S...dT,.{)..j..:....I..MyC.. ....
0040: ...P.e.Gf..,r,..H._at_..[Gu.....z.I......
== Info: TLSv1.2 (OUT), TLS header, Finished (20):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
=> Send SSL data, 0000000001 bytes (0x00000001)
0000: .
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....(
== Info: TLSv1.2 (OUT), TLS handshake, Finished (20):
=> Send SSL data, 0000000016 bytes (0x00000010)
0000: ......R&.s.2...|
== Info: TLSv1.2 (IN), TLS header, Finished (20):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (IN), TLS header, Certificate Status (22):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....(
== Info: TLSv1.2 (IN), TLS handshake, Finished (20):
<= Recv SSL data, 0000000016 bytes (0x00000010)
0000: ...........Vo*.H
== Info: SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
== Info: ALPN, server accepted to use h2
== Info: Server certificate:
== Info: subject: C=US; ST=WA; L=Redmond; O=Microsoft Corporation; CN=eastasia.api.cognitive.microsoft.com
== Info: start date: Jul 20 15:22:07 2023 GMT
== Info: expire date: Jun 27 23:59:59 2024 GMT
== Info: subjectAltName: host "eastasia.api.cognitive.microsoft.com" matched cert's "eastasia.api.cognitive.microsoft.com"
== Info: issuer: C=US; O=Microsoft Corporation; CN=Microsoft Azure TLS Issuing CA 02
== Info: SSL certificate verify ok.
== Info: Using HTTP2, server supports multiplexing
== Info: Connection state changed (HTTP/2 confirmed)
== Info: Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....0
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....3
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....%
== Info: Using Stream ID: 1 (easy handle 0x5603cf886130)
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
=> Send header, 0000000222 bytes (0x000000de)
0000: POST /sts/v1.0/issueToken HTTP/2
0022: Host: eastasia.api.cognitive.microsoft.com
004e: accept: */*
005b: content-length: 0
006e: ocp-apim-subscription-key: My-Key
00ab: content-type: application/x-www-form-urlencoded
00dc:
== Info: TLSv1.2 (IN), TLS header, Supplemental data (23):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ...._at_
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....!
^C
root_at_db4f56f11d6f:/#
```
I try the curl command, it works.
```bash
$ curl -v -X POST "https://eastasia.api.cognitive.microsoft.com/sts/v1.0/issueToken" \
-H "Content-Length: 0" \
-H "Ocp-Apim-Subscription-Key: My-key"
My-token
```
After add the line `curl_easy_setopt(curl_ptr, CURLOPT_HTTP_VERSION, (long)CURL_HTTP_VERSION_1_1);`, I get token successfully.
```bash
root_at_db4f56f11d6f:/# gcc get_token.c -o get_token -lcurl
root_at_db4f56f11d6f:/# ./get_token
== Info: Trying 20.205.69.100:443...
== Info: Connected to eastasia.api.cognitive.microsoft.com (20.205.69.100) port 443 (#0)
== Info: ALPN, offering http/1.1
== Info: CAfile: /etc/ssl/certs/ca-certificates.crt
== Info: CApath: /etc/ssl/certs
== Info: TLSv1.0 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 0000000512 bytes (0x00000200)
0000: .......y.(0|.`.\.e[R.._.6..Z......f# . .^.v..W.{.1..Tm.>..&.9~..
0040: o-......>.......,.0.........+./...$.(.k.#.'.g.....9.....3.....=.
0080: <.5./.....u...).'..$eastasia.api.cognitive.microsoft.com........
00c0: ..........................3t.........http/1.1.........1.....*.(.
0100: ........................................+........-.....3.&.$...
0140: ).db...i/.F..V4.k4CQ..3.........................................
0180: ................................................................
01c0: ................................................................
== Info: TLSv1.2 (IN), TLS header, Certificate Status (22):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 0000000104 bytes (0x00000068)
0000: ...d..d.7/..i.q..F0........%_p...l.#.. .:...&......E..Q.|#.*6.C
0040: .o)mw...0..........http/1.1.............
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 0000003808 bytes (0x00000ee0)
0000: ..........0...0..........3....7!6C.D........0...*.H........0Y1.0
0040: ...U....US1.0...U....Microsoft Corporation1*0(..U...!Microsoft A
0080: zure TLS Issuing CA 020...230720152207Z..240627235959Z0{1.0...U.
00c0: ...US1.0...U....WA1.0...U....Redmond1.0...U....Microsoft Corpora
0100: tion1-0+..U...$eastasia.api.cognitive.microsoft.com0.."0...*.H..
0140: ...........0...........s..P(Pff.v.?w*..w...c...6.....I.a........
0180: ...}.....L0.VO,./.*....r....._..-..-.X......3C........2..A.!.0..
01c0: .tD..4.S!....?..;.p+/..[.>.4..rcg.......?..3t....8.g...4f.}0.]D>
0200: ..m.m..):.Q....oL..n....i.......#w8%a?...h.Wt .. Cb..XY......<.-
0240: ...-..[.#.\..... V..........u0..q0..~..+.....y......n...j.h.w...
0280: .d.....\......2.F|....QHYFq.......s........H0F.!.....}..q.%.+>.
02c0: 8..?P.L.*......N..!....#......_at_6.ABE....,+.4k.T!.....u.H..k..G4.
0300: .j...0..R..V.,.....9..s....s........F0D. [4yd.....z..r...'.....L
0340: k.:.z..$.. '..$o.9Af..!"...a.n.a...2....qK..v....k?.."....\k.p.q
0380: l.Q..4..=0H.......s..).....G0E. ....+....$.......|&..1/b...1....
03c0: .!......cM.....8..m..$.1.e..W..4.^.0'..+.....7....0.0...+.......
0400: 0...+.......0<..+.....7.../0-.%+.....7.........F...........]...i
0440: ...>..d..&0....+..........0..0m..+.....0..ahttp://www.microsoft.
0480: com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-
04c0: %20xsign.crt0-..+.....0..!http://oneocsp.microsoft.com/ocsp0...U
0500: ............BK.X.p.=......0...U...........0....U.....0.$eastasi
0540: a.api.cognitive.microsoft.com.$eastasia.dev.cognitive.microsoft.
0580: com..*.cognitiveservices.azure.com..*.openai.azure.com0...U.....
05c0: ..0.0d..U...]0[0Y.W.U.Shttp://www.microsoft.com/pkiops/crl/Micro
0600: soft%20Azure%20TLS%20Issuing%20CA%2002.crl0f..U. ._0]0Q..+.....7
0640: L.}..0A0?..+........3http://www.microsoft.com/pkiops/Docs/Reposi
0680: tory.htm0...g.....0...U.#..0.......!b&...y.aA.`.bg.0...U.%..0...
06c0: +.........+.......0...*.H.............I.....!Lu:.F"w....O.....'0
0700: [0....~.%t.H."...........j3.....&I!.+4....&......{..#......R.N'
0740: V...<.....=.].iB9ne.... ..C.$..........I=.....F.g....Xv.5.}>...
0780: 6....3.wC+V)...-.^..t. 3S......Y.h..7.z...z......v]y)2......#p`.
07c0: ......6.=....S.=..,....u.d.....|.f...MF.|<r9.-..jY..p..ioe.-2.(.
0800: .....3.`.Hx.....p..%.....C.%..<....2 1.|.Q.~."....7...|..=.....Z
0840: ...z..6z...H;ck?....{...U.>..vE...9~G...p....D...u|9....C..~.ooh
0880: j.6.....g=Y...?...:.(....m.G.:|.=`+.O.A...K.....C..i.......=...n
08c0: xP..:.w.r...._gK........<.+.$....\.......0...0...........j.|....
0900: ......2.0...*.H........0a1.0...U....US1.0...U....DigiCert Inc1.0
0940: ...U....www.digicert.com1 0...U....DigiCert Global Root G20...20
0980: 0729123000Z..240627235959Z0Y1.0...U....US1.0...U....Microsoft Co
09c0: rporation1*0(..U...!Microsoft Azure TLS Issuing CA 020.."0...*.H
0a00: .............0.........b;R..N.....bd........-...#l.R.<.Z..Ph....
0a40: .....)a2!.5....O.I..L.......F.(.....*.As.........Y.#....b."+....
0a80: .?..q....k4..#(..$.K.e..].C.V...C).C&...I....P...U.M..8.+!.]....
0ac0: .8t..+/.9..y......!....h*......;x.y.$ XC..s~....f..1J...I,.O.'..
0b00: ..K..........O...?......m.'.$V.4.%C...X]......%.#....p.....'...z
0b40: .n.?...tX.A._at_...+....P9....5.JX...PQ.l..g....m...~....A..Af_at_.Wy.
0b80: ..W....7..u}._.b..-n.Jjqd..\L.9{S.l.W.$ ...1{....m.\./T...-O....
0bc0: .o.l...Q....J..-Xa....U....K.:'&tfJ...S..*.."\.d.:..X.3^..Zp...i
0c00: ."B...PW8...c".`i..o..........0...0...U..........!b&...y.aA.`.b
0c40: g.0...U.#..0...N"T ....n..........90...U...........0...U.%..0...
0c80: +.........+.......0...U.......0.......0v..+........j0h0$..+.....
0cc0: 0...http://ocsp.digicert.com0_at_..+.....0..4http://cacerts.digicer
0d00: t.com/DigiCertGlobalRootG2.crt0{..U...t0r07.5.3.1http://crl3.dig
0d40: icert.com/DigiCertGlobalRootG2.crl07.5.3.1http://crl4.digicert.c
0d80: om/DigiCertGlobalRootG2.crl0...U. ..0.0...g.....0...g.....0...+.
0dc0: ....7.......0...*.H.............3....c.M..An..:.. S....G.e..G_7.
0e00: ~.JAZ.a..B.....&J..:O..O..~W/l..RAV.P.tA..,y.m~..q1...X.x.N.....
0e40: NC..Y.aF..<..<aG_at_.....E.."..Y=B.X."wV.AS9..R.(...N....R....t>K.
0e80: ....r.{..l...=g.9q..nw....'..^...l..v.?...?..=.n/A,;s .-..%.5zy.
0ec0: [..7)A.T...........'w.....hN..^.
== Info: TLSv1.2 (IN), TLS handshake, Server key exchange (12):
<= Recv SSL data, 0000000365 bytes (0x0000016d)
0000: ...i...a./F.k...H..8...[h#..L..:.../....EZ.... ...Taj,elX....^$.
0040: ...?.J..Tv8(%.'.-."..........!.y3.S.u..........d2.W;.,Wv.....#..
0080: ?..]s...x..Z...".T....#z.|.D.YFgg...\.,.(&8.E...Z...!.r)."..\..?
00c0: <N....qtD..!........>Q..CKX.1P.._at_q...pn.........~v..;L..._at_VY.=.5
0100: ...f....[.\......_at_.._at_.W.......N...X.r1c.~......c..I..|L...Tq,...
0140: I...8......h.....J....\_.I;.....tH].........X
== Info: TLSv1.2 (IN), TLS handshake, Server finished (14):
<= Recv SSL data, 0000000004 bytes (0x00000004)
0000: ....
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....f
== Info: TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
=> Send SSL data, 0000000102 bytes (0x00000066)
0000: ...ba........./.|I%E...V.....8..FR..d..w.g.....=..Z.............
0040: 4..'..l0.(&...#....M~-9$..i..l.v'C...v
== Info: TLSv1.2 (OUT), TLS header, Finished (20):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
=> Send SSL data, 0000000001 bytes (0x00000001)
0000: .
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....(
== Info: TLSv1.2 (OUT), TLS handshake, Finished (20):
=> Send SSL data, 0000000016 bytes (0x00000010)
0000: ....}........[4.
== Info: TLSv1.2 (IN), TLS header, Finished (20):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (IN), TLS header, Certificate Status (22):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....(
== Info: TLSv1.2 (IN), TLS handshake, Finished (20):
<= Recv SSL data, 0000000016 bytes (0x00000010)
0000: ........._at_....|.
== Info: SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
== Info: ALPN, server accepted to use http/1.1
== Info: Server certificate:
== Info: subject: C=US; ST=WA; L=Redmond; O=Microsoft Corporation; CN=eastasia.api.cognitive.microsoft.com
== Info: start date: Jul 20 15:22:07 2023 GMT
== Info: expire date: Jun 27 23:59:59 2024 GMT
== Info: subjectAltName: host "eastasia.api.cognitive.microsoft.com" matched cert's "eastasia.api.cognitive.microsoft.com"
== Info: issuer: C=US; O=Microsoft Corporation; CN=Microsoft Azure TLS Issuing CA 02
== Info: SSL certificate verify ok.
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....*
=> Send header, 0000000274 bytes (0x00000112)
0000: POST /sts/v1.0/issueToken HTTP/1.1
0024: Host: eastasia.api.cognitive.microsoft.com
0050: Accept: */*
005d: Transfer-Encoding: chunked
0079: Content-Length: 0
008c: Ocp-Apim-Subscription-Key: My-key
00c9: Content-Type: application/x-www-form-urlencoded
00fa: Expect: 100-continue
0110:
== Info: TLSv1.2 (IN), TLS header, Supplemental data (23):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....h
== Info: Mark bundle as not supporting multiuse
<= Recv header, 0000000017 bytes (0x00000011)
0000: HTTP/1.1 200 OK
<= Recv header, 0000000021 bytes (0x00000015)
0000: Content-Length: 777
<= Recv header, 0000000031 bytes (0x0000001f)
0000: Content-Type: application/jwt
<= Recv header, 0000000034 bytes (0x00000022)
0000: x-envoy-upstream-service-time: 1
<= Recv header, 0000000055 bytes (0x00000037)
0000: apim-request-id: ef6c08b0-39fe-4650-86c1-4feced9572b5
<= Recv header, 0000000073 bytes (0x00000049)
0000: Strict-Transport-Security: max-age=31536000; includeSubDomains;
0040: preload
<= Recv header, 0000000033 bytes (0x00000021)
0000: x-content-type-options: nosniff
<= Recv header, 0000000024 bytes (0x00000018)
0000: x-ms-region: East Asia
<= Recv header, 0000000037 bytes (0x00000025)
0000: Date: Mon, 21 Aug 2023 10:06:39 GMT
<= Recv header, 0000000002 bytes (0x00000002)
0000:
<= Recv data, 0000000777 bytes (0x00000309)
0000: eyJ....My...Token
== Info: Connection #0 to host eastasia.api.cognitive.microsoft.com left intact
eyJ....My...Token
root_at_db4f56f11d6f:/#
```
CURL version
```bash
$ curl -V
curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.14
Release-Date: 2022-01-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets zstd
```
Operating System
Run in docker image Ubuntu 22.04, host on Ubuntu 20.04
```bash
$ uname -a
Linux db4f56f11d6f 5.15.0-60-generic #66~20.04.1-Ubuntu SMP Wed Jan 25 09:41:30 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 22.04.2 LTS
Release: 22.04
Codename: jammy
```
Date: Mon, 21 Aug 2023 10:22:05 +0000
I referred to the curl sample and wrote the following program.
```C
#include <ctype.h>
#include <curl/curl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
struct data {
char trace_ascii; /* 1 or 0 */
};
struct MemoryStruct {
char *memory;
size_t size;
};
static void dump(const char *text, FILE *stream, unsigned char *ptr, size_t size, char nohex)
{
size_t i;
size_t c;
unsigned int width = 0x10;
if (nohex) /* without the hex output, we can fit more on screen */
width = 0x40;
fprintf(stream, "%s, %10.10lu bytes (0x%8.8lx)\n", text, (unsigned long)size, (unsigned long)size);
for (i = 0; i < size; i += width) {
fprintf(stream, "%4.4lx: ", (unsigned long)i);
if (!nohex) {
/* hex not disabled, show it */
for (c = 0; c < width; c++)
if (i + c < size)
fprintf(stream, "%02x ", ptr[i + c]);
else
fputs(" ", stream);
}
for (c = 0; (c < width) && (i + c < size); c++) {
/* check for 0D0A; if found, skip past and start a new line of output */
if (nohex && (i + c + 1 < size) && ptr[i + c] == 0x0D && ptr[i + c + 1] == 0x0A) {
i += (c + 2 - width);
break;
}
fprintf(stream, "%c", (ptr[i + c] >= 0x20) && (ptr[i + c] < 0x80) ? ptr[i + c] : '.');
/* check again for 0D0A, to avoid an extra \n if it's at width */
if (nohex && (i + c + 2 < size) && ptr[i + c + 1] == 0x0D && ptr[i + c + 2] == 0x0A) {
i += (c + 3 - width);
break;
}
}
fputc('\n', stream); /* newline */
}
fflush(stream);
}
static int my_trace(CURL *handle, curl_infotype type, char *data, size_t size, void *userp)
{
struct data *config = (struct data *)userp;
const char *text;
(void)handle; /* prevent compiler warning */
switch (type) {
case CURLINFO_TEXT:
fprintf(stderr, "== Info: %s", data);
/* FALLTHROUGH */
default: /* in case a new one is introduced to shock us */
return 0;
case CURLINFO_HEADER_OUT:
text = "=> Send header";
break;
case CURLINFO_DATA_OUT:
text = "=> Send data";
break;
case CURLINFO_SSL_DATA_OUT:
text = "=> Send SSL data";
break;
case CURLINFO_HEADER_IN:
text = "<= Recv header";
break;
case CURLINFO_DATA_IN:
text = "<= Recv data";
break;
case CURLINFO_SSL_DATA_IN:
text = "<= Recv SSL data";
break;
}
dump(text, stderr, (unsigned char *)data, size, config->trace_ascii);
return 0;
}
static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
{
size_t realsize = size * nmemb;
struct MemoryStruct *mem = (struct MemoryStruct *)userp;
char *ptr = realloc(mem->memory, mem->size + realsize + 1);
if (!ptr) {
/* out of memory! */
printf("not enough memory (realloc returned NULL)\n");
return 0;
}
mem->memory = ptr;
memcpy(&(mem->memory[mem->size]), contents, realsize);
mem->size += realsize;
mem->memory[mem->size] = 0;
return realsize;
}
int main(void)
{
CURL *curl_ptr = NULL;
struct data config;
struct MemoryStruct chunk;
struct curl_slist *headers_ptr = NULL;
char subscriptionHeader[128];
CURLcode res;
config.trace_ascii = 1; /* enable ascii tracing */
chunk.memory = malloc(1); /* will be grown as needed by realloc above */
chunk.size = 0; /* no data at this point */
curl_ptr = curl_easy_init();
if (curl_ptr) {
headers_ptr = curl_slist_append(headers_ptr, "Content-Length: 0");
snprintf(subscriptionHeader, 128, "%s: %s", "Ocp-Apim-Subscription-Key", "My-Key");
headers_ptr = curl_slist_append(headers_ptr, subscriptionHeader);
curl_easy_setopt(curl_ptr, CURLOPT_URL, "https://eastasia.api.cognitive.microsoft.com/sts/v1.0/issueToken");
curl_easy_setopt(curl_ptr, CURLOPT_POST, 1L);
if (NULL != headers_ptr) {
curl_easy_setopt(curl_ptr, CURLOPT_HTTPHEADER, headers_ptr);
}
curl_easy_setopt(curl_ptr, CURLOPT_DEBUGFUNCTION, my_trace);
curl_easy_setopt(curl_ptr, CURLOPT_DEBUGDATA, &config);
/* the DEBUGFUNCTION has no effect until we enable VERBOSE */
curl_easy_setopt(curl_ptr, CURLOPT_VERBOSE, 1L);
/* send all data to this function */
curl_easy_setopt(curl_ptr, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
/* we pass our 'chunk' struct to the callback function */
curl_easy_setopt(curl_ptr, CURLOPT_WRITEDATA, (void *)&chunk);
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl_ptr);
curl_slist_free_all(headers_ptr);
/* Check for errors */
if (res != CURLE_OK) {
fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res));
} else {
/*
* Now, our chunk.memory points to a memory block that is chunk.size
* bytes big and contains the remote file.
*
* Do something nice with it!
*/
printf("%s\n", chunk.memory);
}
/* always cleanup */
curl_easy_cleanup(curl_ptr);
}
free(chunk.memory);
curl_global_cleanup();
return 0;
}
```
But the program freezes and the log is as follows.
```bash
root_at_db4f56f11d6f:/# gcc get_token.c -o get_token -lcurl
root_at_db4f56f11d6f:/# ./get_token
== Info: Trying 20.205.69.100:443...
== Info: Connected to eastasia.api.cognitive.microsoft.com (20.205.69.100) port 443 (#0)
== Info: ALPN, offering h2
== Info: ALPN, offering http/1.1
== Info: CAfile: /etc/ssl/certs/ca-certificates.crt
== Info: CApath: /etc/ssl/certs
== Info: TLSv1.0 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 0000000512 bytes (0x00000200)
0000: ......Es}.w....j=^..R..I.h....Z....lOY .....4.d..L....\.......&4
0040: ._,SiE..>.......,.0.........+./...$.(.k.#.'.g.....9.....3.....=.
0080: <.5./.....u...).'..$eastasia.api.cognitive.microsoft.com........
00c0: ..........................3t.........h2.http/1.1.........1.....*
0100: .(.........................................+........-.....3.&.$.
0140: .. w........B.].......<...M'..e*w'7.............................
0180: ................................................................
01c0: ................................................................
== Info: TLSv1.2 (IN), TLS header, Certificate Status (22):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 0000000098 bytes (0x00000062)
0000: ...^..d.6A........|....jP......~.n6u.. >...Z..,.3A]Q....G.5.f.A&
0040: ._at_o.....0..........h2.............
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 0000003808 bytes (0x00000ee0)
0000: ..........0...0..........3....7!6C.D........0...*.H........0Y1.0
0040: ...U....US1.0...U....Microsoft Corporation1*0(..U...!Microsoft A
0080: zure TLS Issuing CA 020...230720152207Z..240627235959Z0{1.0...U.
00c0: ...US1.0...U....WA1.0...U....Redmond1.0...U....Microsoft Corpora
0100: tion1-0+..U...$eastasia.api.cognitive.microsoft.com0.."0...*.H..
0140: ...........0...........s..P(Pff.v.?w*..w...c...6.....I.a........
0180: ...}.....L0.VO,./.*....r....._..-..-.X......3C........2..A.!.0..
01c0: .tD..4.S!....?..;.p+/..[.>.4..rcg.......?..3t....8.g...4f.}0.]D>
0200: ..m.m..):.Q....oL..n....i.......#w8%a?...h.Wt .. Cb..XY......<.-
0240: ...-..[.#.\..... V..........u0..q0..~..+.....y......n...j.h.w...
0280: .d.....\......2.F|....QHYFq.......s........H0F.!.....}..q.%.+>.
02c0: 8..?P.L.*......N..!....#......_at_6.ABE....,+.4k.T!.....u.H..k..G4.
0300: .j...0..R..V.,.....9..s....s........F0D. [4yd.....z..r...'.....L
0340: k.:.z..$.. '..$o.9Af..!"...a.n.a...2....qK..v....k?.."....\k.p.q
0380: l.Q..4..=0H.......s..).....G0E. ....+....$.......|&..1/b...1....
03c0: .!......cM.....8..m..$.1.e..W..4.^.0'..+.....7....0.0...+.......
0400: 0...+.......0<..+.....7.../0-.%+.....7.........F...........]...i
0440: ...>..d..&0....+..........0..0m..+.....0..ahttp://www.microsoft.
0480: com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-
04c0: %20xsign.crt0-..+.....0..!http://oneocsp.microsoft.com/ocsp0...U
0500: ............BK.X.p.=......0...U...........0....U.....0.$eastasi
0540: a.api.cognitive.microsoft.com.$eastasia.dev.cognitive.microsoft.
0580: com..*.cognitiveservices.azure.com..*.openai.azure.com0...U.....
05c0: ..0.0d..U...]0[0Y.W.U.Shttp://www.microsoft.com/pkiops/crl/Micro
0600: soft%20Azure%20TLS%20Issuing%20CA%2002.crl0f..U. ._0]0Q..+.....7
0640: L.}..0A0?..+........3http://www.microsoft.com/pkiops/Docs/Reposi
0680: tory.htm0...g.....0...U.#..0.......!b&...y.aA.`.bg.0...U.%..0...
06c0: +.........+.......0...*.H.............I.....!Lu:.F"w....O.....'0
0700: [0....~.%t.H."...........j3.....&I!.+4....&......{..#......R.N'
0740: V...<.....=.].iB9ne.... ..C.$..........I=.....F.g....Xv.5.}>...
0780: 6....3.wC+V)...-.^..t. 3S......Y.h..7.z...z......v]y)2......#p`.
07c0: ......6.=....S.=..,....u.d.....|.f...MF.|<r9.-..jY..p..ioe.-2.(.
0800: .....3.`.Hx.....p..%.....C.%..<....2 1.|.Q.~."....7...|..=.....Z
0840: ...z..6z...H;ck?....{...U.>..vE...9~G...p....D...u|9....C..~.ooh
0880: j.6.....g=Y...?...:.(....m.G.:|.=`+.O.A...K.....C..i.......=...n
08c0: xP..:.w.r...._gK........<.+.$....\.......0...0...........j.|....
0900: ......2.0...*.H........0a1.0...U....US1.0...U....DigiCert Inc1.0
0940: ...U....www.digicert.com1 0...U....DigiCert Global Root G20...20
0980: 0729123000Z..240627235959Z0Y1.0...U....US1.0...U....Microsoft Co
09c0: rporation1*0(..U...!Microsoft Azure TLS Issuing CA 020.."0...*.H
0a00: .............0.........b;R..N.....bd........-...#l.R.<.Z..Ph....
0a40: .....)a2!.5....O.I..L.......F.(.....*.As.........Y.#....b."+....
0a80: .?..q....k4..#(..$.K.e..].C.V...C).C&...I....P...U.M..8.+!.]....
0ac0: .8t..+/.9..y......!....h*......;x.y.$ XC..s~....f..1J...I,.O.'..
0b00: ..K..........O...?......m.'.$V.4.%C...X]......%.#....p.....'...z
0b40: .n.?...tX.A._at_...+....P9....5.JX...PQ.l..g....m...~....A..Af_at_.Wy.
0b80: ..W....7..u}._.b..-n.Jjqd..\L.9{S.l.W.$ ...1{....m.\./T...-O....
0bc0: .o.l...Q....J..-Xa....U....K.:'&tfJ...S..*.."\.d.:..X.3^..Zp...i
0c00: ."B...PW8...c".`i..o..........0...0...U..........!b&...y.aA.`.b
0c40: g.0...U.#..0...N"T ....n..........90...U...........0...U.%..0...
0c80: +.........+.......0...U.......0.......0v..+........j0h0$..+.....
0cc0: 0...http://ocsp.digicert.com0_at_..+.....0..4http://cacerts.digicer
0d00: t.com/DigiCertGlobalRootG2.crt0{..U...t0r07.5.3.1http://crl3.dig
0d40: icert.com/DigiCertGlobalRootG2.crl07.5.3.1http://crl4.digicert.c
0d80: om/DigiCertGlobalRootG2.crl0...U. ..0.0...g.....0...g.....0...+.
0dc0: ....7.......0...*.H.............3....c.M..An..:.. S....G.e..G_7.
0e00: ~.JAZ.a..B.....&J..:O..O..~W/l..RAV.P.tA..,y.m~..q1...X.x.N.....
0e40: NC..Y.aF..<..<aG_at_.....E.."..Y=B.X."wV.AS9..R.(...N....R....t>K.
0e80: ....r.{..l...=g.9q..nw....'..^...l..v.?...?..=.n/A,;s .-..%.5zy.
0ec0: [..7)A.T...........'w.....hN..^.
== Info: TLSv1.2 (IN), TLS handshake, Server key exchange (12):
<= Recv SSL data, 0000000365 bytes (0x0000016d)
0000: ...i...a...#9V.p....".h..(a8.6.Jp..........Z..bd.9.E.^..p_at_X.o...
0040: $hU.+....-...e..,2b..C*O.3.ql........._l.....L.R.c.Qw.{...1l.M..
0080: ......k.\A..........I3....T.}..3.....^...,.a)..7X.lfk`..>i.i)T.
00c0: SZj>.i....2.N%.Z.......OM...3.........T..X.i.~...y..gy..qLxz..,
0100: ....C....6;.*......=......{Mw.mk.E:'....."...S.)/...B......(.s".
0140: _at_~.b...._....4G=.g........P...'Rh...BM 'B.Y>
== Info: TLSv1.2 (IN), TLS handshake, Server finished (14):
<= Recv SSL data, 0000000004 bytes (0x00000004)
0000: ....
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....f
== Info: TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
=> Send SSL data, 0000000102 bytes (0x00000066)
0000: ...ba.........V.!.(..=QK..L. j.S...dT,.{)..j..:....I..MyC.. ....
0040: ...P.e.Gf..,r,..H._at_..[Gu.....z.I......
== Info: TLSv1.2 (OUT), TLS header, Finished (20):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
=> Send SSL data, 0000000001 bytes (0x00000001)
0000: .
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....(
== Info: TLSv1.2 (OUT), TLS handshake, Finished (20):
=> Send SSL data, 0000000016 bytes (0x00000010)
0000: ......R&.s.2...|
== Info: TLSv1.2 (IN), TLS header, Finished (20):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (IN), TLS header, Certificate Status (22):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....(
== Info: TLSv1.2 (IN), TLS handshake, Finished (20):
<= Recv SSL data, 0000000016 bytes (0x00000010)
0000: ...........Vo*.H
== Info: SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
== Info: ALPN, server accepted to use h2
== Info: Server certificate:
== Info: subject: C=US; ST=WA; L=Redmond; O=Microsoft Corporation; CN=eastasia.api.cognitive.microsoft.com
== Info: start date: Jul 20 15:22:07 2023 GMT
== Info: expire date: Jun 27 23:59:59 2024 GMT
== Info: subjectAltName: host "eastasia.api.cognitive.microsoft.com" matched cert's "eastasia.api.cognitive.microsoft.com"
== Info: issuer: C=US; O=Microsoft Corporation; CN=Microsoft Azure TLS Issuing CA 02
== Info: SSL certificate verify ok.
== Info: Using HTTP2, server supports multiplexing
== Info: Connection state changed (HTTP/2 confirmed)
== Info: Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....0
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....3
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....%
== Info: Using Stream ID: 1 (easy handle 0x5603cf886130)
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
=> Send header, 0000000222 bytes (0x000000de)
0000: POST /sts/v1.0/issueToken HTTP/2
0022: Host: eastasia.api.cognitive.microsoft.com
004e: accept: */*
005b: content-length: 0
006e: ocp-apim-subscription-key: My-Key
00ab: content-type: application/x-www-form-urlencoded
00dc:
== Info: TLSv1.2 (IN), TLS header, Supplemental data (23):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ...._at_
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....!
^C
root_at_db4f56f11d6f:/#
```
I try the curl command, it works.
```bash
$ curl -v -X POST "https://eastasia.api.cognitive.microsoft.com/sts/v1.0/issueToken" \
-H "Content-Length: 0" \
-H "Ocp-Apim-Subscription-Key: My-key"
My-token
```
After add the line `curl_easy_setopt(curl_ptr, CURLOPT_HTTP_VERSION, (long)CURL_HTTP_VERSION_1_1);`, I get token successfully.
```bash
root_at_db4f56f11d6f:/# gcc get_token.c -o get_token -lcurl
root_at_db4f56f11d6f:/# ./get_token
== Info: Trying 20.205.69.100:443...
== Info: Connected to eastasia.api.cognitive.microsoft.com (20.205.69.100) port 443 (#0)
== Info: ALPN, offering http/1.1
== Info: CAfile: /etc/ssl/certs/ca-certificates.crt
== Info: CApath: /etc/ssl/certs
== Info: TLSv1.0 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 0000000512 bytes (0x00000200)
0000: .......y.(0|.`.\.e[R.._.6..Z......f# . .^.v..W.{.1..Tm.>..&.9~..
0040: o-......>.......,.0.........+./...$.(.k.#.'.g.....9.....3.....=.
0080: <.5./.....u...).'..$eastasia.api.cognitive.microsoft.com........
00c0: ..........................3t.........http/1.1.........1.....*.(.
0100: ........................................+........-.....3.&.$...
0140: ).db...i/.F..V4.k4CQ..3.........................................
0180: ................................................................
01c0: ................................................................
== Info: TLSv1.2 (IN), TLS header, Certificate Status (22):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 0000000104 bytes (0x00000068)
0000: ...d..d.7/..i.q..F0........%_p...l.#.. .:...&......E..Q.|#.*6.C
0040: .o)mw...0..........http/1.1.............
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 0000003808 bytes (0x00000ee0)
0000: ..........0...0..........3....7!6C.D........0...*.H........0Y1.0
0040: ...U....US1.0...U....Microsoft Corporation1*0(..U...!Microsoft A
0080: zure TLS Issuing CA 020...230720152207Z..240627235959Z0{1.0...U.
00c0: ...US1.0...U....WA1.0...U....Redmond1.0...U....Microsoft Corpora
0100: tion1-0+..U...$eastasia.api.cognitive.microsoft.com0.."0...*.H..
0140: ...........0...........s..P(Pff.v.?w*..w...c...6.....I.a........
0180: ...}.....L0.VO,./.*....r....._..-..-.X......3C........2..A.!.0..
01c0: .tD..4.S!....?..;.p+/..[.>.4..rcg.......?..3t....8.g...4f.}0.]D>
0200: ..m.m..):.Q....oL..n....i.......#w8%a?...h.Wt .. Cb..XY......<.-
0240: ...-..[.#.\..... V..........u0..q0..~..+.....y......n...j.h.w...
0280: .d.....\......2.F|....QHYFq.......s........H0F.!.....}..q.%.+>.
02c0: 8..?P.L.*......N..!....#......_at_6.ABE....,+.4k.T!.....u.H..k..G4.
0300: .j...0..R..V.,.....9..s....s........F0D. [4yd.....z..r...'.....L
0340: k.:.z..$.. '..$o.9Af..!"...a.n.a...2....qK..v....k?.."....\k.p.q
0380: l.Q..4..=0H.......s..).....G0E. ....+....$.......|&..1/b...1....
03c0: .!......cM.....8..m..$.1.e..W..4.^.0'..+.....7....0.0...+.......
0400: 0...+.......0<..+.....7.../0-.%+.....7.........F...........]...i
0440: ...>..d..&0....+..........0..0m..+.....0..ahttp://www.microsoft.
0480: com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-
04c0: %20xsign.crt0-..+.....0..!http://oneocsp.microsoft.com/ocsp0...U
0500: ............BK.X.p.=......0...U...........0....U.....0.$eastasi
0540: a.api.cognitive.microsoft.com.$eastasia.dev.cognitive.microsoft.
0580: com..*.cognitiveservices.azure.com..*.openai.azure.com0...U.....
05c0: ..0.0d..U...]0[0Y.W.U.Shttp://www.microsoft.com/pkiops/crl/Micro
0600: soft%20Azure%20TLS%20Issuing%20CA%2002.crl0f..U. ._0]0Q..+.....7
0640: L.}..0A0?..+........3http://www.microsoft.com/pkiops/Docs/Reposi
0680: tory.htm0...g.....0...U.#..0.......!b&...y.aA.`.bg.0...U.%..0...
06c0: +.........+.......0...*.H.............I.....!Lu:.F"w....O.....'0
0700: [0....~.%t.H."...........j3.....&I!.+4....&......{..#......R.N'
0740: V...<.....=.].iB9ne.... ..C.$..........I=.....F.g....Xv.5.}>...
0780: 6....3.wC+V)...-.^..t. 3S......Y.h..7.z...z......v]y)2......#p`.
07c0: ......6.=....S.=..,....u.d.....|.f...MF.|<r9.-..jY..p..ioe.-2.(.
0800: .....3.`.Hx.....p..%.....C.%..<....2 1.|.Q.~."....7...|..=.....Z
0840: ...z..6z...H;ck?....{...U.>..vE...9~G...p....D...u|9....C..~.ooh
0880: j.6.....g=Y...?...:.(....m.G.:|.=`+.O.A...K.....C..i.......=...n
08c0: xP..:.w.r...._gK........<.+.$....\.......0...0...........j.|....
0900: ......2.0...*.H........0a1.0...U....US1.0...U....DigiCert Inc1.0
0940: ...U....www.digicert.com1 0...U....DigiCert Global Root G20...20
0980: 0729123000Z..240627235959Z0Y1.0...U....US1.0...U....Microsoft Co
09c0: rporation1*0(..U...!Microsoft Azure TLS Issuing CA 020.."0...*.H
0a00: .............0.........b;R..N.....bd........-...#l.R.<.Z..Ph....
0a40: .....)a2!.5....O.I..L.......F.(.....*.As.........Y.#....b."+....
0a80: .?..q....k4..#(..$.K.e..].C.V...C).C&...I....P...U.M..8.+!.]....
0ac0: .8t..+/.9..y......!....h*......;x.y.$ XC..s~....f..1J...I,.O.'..
0b00: ..K..........O...?......m.'.$V.4.%C...X]......%.#....p.....'...z
0b40: .n.?...tX.A._at_...+....P9....5.JX...PQ.l..g....m...~....A..Af_at_.Wy.
0b80: ..W....7..u}._.b..-n.Jjqd..\L.9{S.l.W.$ ...1{....m.\./T...-O....
0bc0: .o.l...Q....J..-Xa....U....K.:'&tfJ...S..*.."\.d.:..X.3^..Zp...i
0c00: ."B...PW8...c".`i..o..........0...0...U..........!b&...y.aA.`.b
0c40: g.0...U.#..0...N"T ....n..........90...U...........0...U.%..0...
0c80: +.........+.......0...U.......0.......0v..+........j0h0$..+.....
0cc0: 0...http://ocsp.digicert.com0_at_..+.....0..4http://cacerts.digicer
0d00: t.com/DigiCertGlobalRootG2.crt0{..U...t0r07.5.3.1http://crl3.dig
0d40: icert.com/DigiCertGlobalRootG2.crl07.5.3.1http://crl4.digicert.c
0d80: om/DigiCertGlobalRootG2.crl0...U. ..0.0...g.....0...g.....0...+.
0dc0: ....7.......0...*.H.............3....c.M..An..:.. S....G.e..G_7.
0e00: ~.JAZ.a..B.....&J..:O..O..~W/l..RAV.P.tA..,y.m~..q1...X.x.N.....
0e40: NC..Y.aF..<..<aG_at_.....E.."..Y=B.X."wV.AS9..R.(...N....R....t>K.
0e80: ....r.{..l...=g.9q..nw....'..^...l..v.?...?..=.n/A,;s .-..%.5zy.
0ec0: [..7)A.T...........'w.....hN..^.
== Info: TLSv1.2 (IN), TLS handshake, Server key exchange (12):
<= Recv SSL data, 0000000365 bytes (0x0000016d)
0000: ...i...a./F.k...H..8...[h#..L..:.../....EZ.... ...Taj,elX....^$.
0040: ...?.J..Tv8(%.'.-."..........!.y3.S.u..........d2.W;.,Wv.....#..
0080: ?..]s...x..Z...".T....#z.|.D.YFgg...\.,.(&8.E...Z...!.r)."..\..?
00c0: <N....qtD..!........>Q..CKX.1P.._at_q...pn.........~v..;L..._at_VY.=.5
0100: ...f....[.\......_at_.._at_.W.......N...X.r1c.~......c..I..|L...Tq,...
0140: I...8......h.....J....\_.I;.....tH].........X
== Info: TLSv1.2 (IN), TLS handshake, Server finished (14):
<= Recv SSL data, 0000000004 bytes (0x00000004)
0000: ....
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....f
== Info: TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
=> Send SSL data, 0000000102 bytes (0x00000066)
0000: ...ba........./.|I%E...V.....8..FR..d..w.g.....=..Z.............
0040: 4..'..l0.(&...#....M~-9$..i..l.v'C...v
== Info: TLSv1.2 (OUT), TLS header, Finished (20):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
=> Send SSL data, 0000000001 bytes (0x00000001)
0000: .
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....(
== Info: TLSv1.2 (OUT), TLS handshake, Finished (20):
=> Send SSL data, 0000000016 bytes (0x00000010)
0000: ....}........[4.
== Info: TLSv1.2 (IN), TLS header, Finished (20):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (IN), TLS header, Certificate Status (22):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....(
== Info: TLSv1.2 (IN), TLS handshake, Finished (20):
<= Recv SSL data, 0000000016 bytes (0x00000010)
0000: ........._at_....|.
== Info: SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
== Info: ALPN, server accepted to use http/1.1
== Info: Server certificate:
== Info: subject: C=US; ST=WA; L=Redmond; O=Microsoft Corporation; CN=eastasia.api.cognitive.microsoft.com
== Info: start date: Jul 20 15:22:07 2023 GMT
== Info: expire date: Jun 27 23:59:59 2024 GMT
== Info: subjectAltName: host "eastasia.api.cognitive.microsoft.com" matched cert's "eastasia.api.cognitive.microsoft.com"
== Info: issuer: C=US; O=Microsoft Corporation; CN=Microsoft Azure TLS Issuing CA 02
== Info: SSL certificate verify ok.
== Info: TLSv1.2 (OUT), TLS header, Supplemental data (23):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....*
=> Send header, 0000000274 bytes (0x00000112)
0000: POST /sts/v1.0/issueToken HTTP/1.1
0024: Host: eastasia.api.cognitive.microsoft.com
0050: Accept: */*
005d: Transfer-Encoding: chunked
0079: Content-Length: 0
008c: Ocp-Apim-Subscription-Key: My-key
00c9: Content-Type: application/x-www-form-urlencoded
00fa: Expect: 100-continue
0110:
== Info: TLSv1.2 (IN), TLS header, Supplemental data (23):
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....h
== Info: Mark bundle as not supporting multiuse
<= Recv header, 0000000017 bytes (0x00000011)
0000: HTTP/1.1 200 OK
<= Recv header, 0000000021 bytes (0x00000015)
0000: Content-Length: 777
<= Recv header, 0000000031 bytes (0x0000001f)
0000: Content-Type: application/jwt
<= Recv header, 0000000034 bytes (0x00000022)
0000: x-envoy-upstream-service-time: 1
<= Recv header, 0000000055 bytes (0x00000037)
0000: apim-request-id: ef6c08b0-39fe-4650-86c1-4feced9572b5
<= Recv header, 0000000073 bytes (0x00000049)
0000: Strict-Transport-Security: max-age=31536000; includeSubDomains;
0040: preload
<= Recv header, 0000000033 bytes (0x00000021)
0000: x-content-type-options: nosniff
<= Recv header, 0000000024 bytes (0x00000018)
0000: x-ms-region: East Asia
<= Recv header, 0000000037 bytes (0x00000025)
0000: Date: Mon, 21 Aug 2023 10:06:39 GMT
<= Recv header, 0000000002 bytes (0x00000002)
0000:
<= Recv data, 0000000777 bytes (0x00000309)
0000: eyJ....My...Token
== Info: Connection #0 to host eastasia.api.cognitive.microsoft.com left intact
eyJ....My...Token
root_at_db4f56f11d6f:/#
```
CURL version
```bash
$ curl -V
curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.14
Release-Date: 2022-01-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets zstd
```
Operating System
Run in docker image Ubuntu 22.04, host on Ubuntu 20.04
```bash
$ uname -a
Linux db4f56f11d6f 5.15.0-60-generic #66~20.04.1-Ubuntu SMP Wed Jan 25 09:41:30 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 22.04.2 LTS
Release: 22.04
Codename: jammy
```
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2023-08-21