【Published】: 2019-04-16 04:28:50
【Question】:
I am trying to access the web interface of a Snom D315 phone via curl (7.62.0 on macOS), but I keep getting error 52 (CURLE_GOT_NOTHING):
$ curl --insecure --user admin:password https://172.16.99.61/settings.xml
curl: (52) Empty reply from server
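Fun facts:
- Access via HTTP works as expected
- The page (HTTPS) opens fine in a browser or via wget (1.19.5)
- It also works with the older Snom D300 device (with different firmware, of course)
Any help is appreciated!
P.S.: I have read the answers to this question, but to no avail. I have also confirmed this behavior with a different D315 and curl 7.52.1 on Debian, and updated the phone's firmware to the latest version.
Details
curl
This is the output of curl --trace-ascii --trace-time --insecure --user admin:password https://172.16.99.61/settings.xml: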
11:31:18.201318 == Info: Trying 172.16.99.61...
11:31:18.201651 == Info: TCP_NODELAY set
11:31:18.202233 == Info: Connected to 172.16.99.61 (172.16.99.61) port 443 (#0)
11:31:18.205540 == Info: ALPN, offering http/1.1
11:31:18.205555 == Info: WARNING: disabling hostname validation also disables SNI.
11:31:18.267158 == Info: TLS 1.2 connection using TLS_RSA_WITH_AES_128_GCM_SHA256
11:31:18.267184 == Info: ALPN, server did not agree to a protocol
11:31:18.270517 == Info: Server certificate: xxxxxxxxxxxx
11:31:18.270615 == Info: Server certificate: Snom Phone 1
11:31:18.270712 == Info: Server certificate: Snom Technology AG CA
11:31:18.270730 == Info: Server auth using Basic with user 'admin'
11:31:18.270784 => Send header, 131 bytes (0x83)
0000: GET /settings.xml HTTP/1.1
001c: Host: 172.16.99.61
0030: Authorization: Basic XXXXXXXXXXXXXXXXXXX=
005b: User-Agent: curl/7.62.0
0074: Accept: */*
0081:
11:31:18.391320 == Info: Empty reply from server
11:31:18.391337 == Info: Connection #0 to host 172.16.99.61 left intact
This is the corresponding log from the phone in question:
Nov 13 11:31:17.394 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [DEBUG2] PHN: WEB: HTTP 944/443 accepted from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 handshake start
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 SSL_accept/0 before/accept initialization (0)
Nov 13 11:31:17.396 [DEBUG2] PHN: WEB: HTTP 944/443 connected
Nov 13 11:31:17.399 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:31:17.400 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.408 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 handshake done
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 SetHandshakeFinished()
Nov 13 11:31:17.463 [INFO ] PHN: WEB: Request 944/131/0: GET /settings.xml HTTP/1.1
Nov 13 11:31:17.464 [INFO ] PHN: WEB: 944 Basic authentication.
Nov 13 11:31:17.582 [DEBUG2] PHN: WEB: HTTP 944/443 disconnecting
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 disconnected
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 deleted
wget
This is the output of wget --verbose --no-check-certificate --server-response -O- https://admin:password@172.16.99.61/settings.xml >/dev/null:
-2018-11-13 11:34:35-- https://admin:*password*@172.16.99.61/settings.xml
Connecting to 172.16.99.61:443... connected.
WARNING: cannot verify 172.16.99.61's certificate, issued by 'emailAddress=security@snom.com,CN=Snom Phone 1,O=Snom Technology AG,L=Berlin,ST=Berlin,C=DE':
Self-signed certificate encountered.
WARNING: certificate common name 'xxxxxxxxxxxx' doesn't match requested host name '172.16.99.61'.
HTTP request sent, awaiting response...
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Basic realm="snom"
Content-Type: text/plain
Content-Length: 22
Authentication selected: Basic realm="snom"
Reusing existing connection to 172.16.99.61:443.
HTTP request sent, awaiting response...
HTTP/1.1 200 Ok
Server: snom embedded
Cache-Control: no-cache
Cache-Control: no-store
Content-Type: text/xml
Content-Length: 110173
Length: 110173 (108K) [text/xml]
Saving to: 'STDOUT'
2018-11-13 11:34:36 (2.39 MB/s) - written to stdout [110173/110173]
This is the log from the phone:
Nov 13 11:34:35.023 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [DEBUG2] PHN: WEB: HTTP 974/443 accepted from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 handshake start
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 before/accept initialization (0)
Nov 13 11:34:35.025 [DEBUG2] PHN: WEB: HTTP 974/443 connected
Nov 13 11:34:35.028 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:34:35.029 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.034 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:34:35.072 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write session ticket A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 handshake done
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:34:35.075 [DEBUG2] TLS: 0x8dd4c0 SetHandshakeFinished()
Nov 13 11:34:35.079 [INFO ] PHN: WEB: Request 974/154/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.080 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.080 [INFO ] PHN: Authentication triggered. Set flag back.
Nov 13 11:34:35.082 [INFO ] PHN: WEB: Request 974/197/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.083 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 disconnected
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 deleted
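【Comments】:
-
While I don't believe this will be the solution (the handshake finishes correctly), please try the --no-alpn option
-
I did try that; it made no difference (except that the log message disappears).
-
I only see 3 painful ways to solve your problem: go through the whole curl bug database, try all the --no-something options, or take a network capture and hope you can decrypt it (using a non-FS cipher suite). Maybe try the HEAD or OPTIONS HTTP methods to see how it behaves. Does the password contain very special characters (= : ?)?
-
I have already tried all the --no-something options that might apply, without success. The password consists only of alphanumeric characters :(
-
Did you try the openssl s_client command to see how it behaves? The interesting thing is that you can send a request built purely from text (GET / HTTP/1.1 Authorization: Basic ***== ....)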
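
The hand-built request suggested in the last comment, as an added example that is not part of the original thread: it rebuilds the exact 131-byte request from the curl trace so it can be piped through openssl s_client, and can omit the Authorization header to test whether the phone only answers after issuing a 401 challenge, as in the wget run. The function names are made up for this example; the host, path and admin:password are the placeholder values shown in the question.

```shell
#!/bin/sh
# Added example (not from the original thread). Function names are
# hypothetical; host, path and credentials are the question's placeholders.

# build_request HOST URI [USER:PASS]
# Emits a raw HTTP/1.1 GET with CRLF line endings and the same headers, in
# the same order, as the curl trace. With credentials the Authorization
# header is sent preemptively (what curl did); without them the request is
# unauthenticated, which is how the wget exchange started.
build_request() {
    host=$1 uri=$2 creds=${3:-}
    printf 'GET %s HTTP/1.1\r\n' "$uri"
    printf 'Host: %s\r\n' "$host"
    if [ -n "$creds" ]; then
        # tr strips the line wrapping some base64 tools add for long input
        b64=$(printf '%s' "$creds" | base64 | tr -d '\n')
        printf 'Authorization: Basic %s\r\n' "$b64"
    fi
    printf 'User-Agent: curl/7.62.0\r\n'
    printf 'Accept: */*\r\n'
    printf '\r\n'
}

# request_size HOST URI [USER:PASS]
# Byte count of the request, for comparison with "Send header, N bytes" in
# the curl trace and "Request id/N/0" in the phone log.
request_size() {
    build_request "$@" | wc -c | tr -d ' '
}

# send_request HOST URI [USER:PASS]
# Sends the request over TLS. -quiet suppresses session output and keeps the
# connection open after stdin reaches EOF, so the reply (if any) is printed.
send_request() {
    build_request "$@" | openssl s_client -connect "$1:443" -quiet 2>/dev/null
}

# Run against a device only when arguments are given, e.g.:
#   sh raw_request.sh 172.16.99.61 /settings.xml admin:password
#   sh raw_request.sh 172.16.99.61 /settings.xml        # no preemptive auth
if [ "$#" -ge 2 ]; then
    send_request "$@"
fi
```

If the unauthenticated variant returns the 401 while the preemptive one gets an empty reply, the difference lies in how the phone handles credentials on the first request rather than in the TLS handshake.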