ошибка скручивания 52 при доступе к https при работе wget - PullRequest
0 голосов
/ 13 ноября 2018

Я пытаюсь получить доступ к веб-интерфейсу телефона Snom D315 через curl (7.62.0 в macOS), но постоянно получаю сообщение об ошибке 52 (CURLE_GOT_NOTHING):

$ curl --insecure --user admin:password https://172.16.99.61/settings.xml
curl: (52) Empty reply from server

Интересные факты:

  • доступ по HTTP работает, как и ожидалось
  • страница (HTTPS) просто прекрасно открывается в браузере или через wget (1.19.5)
  • это также работает на старых Snom D300 устройствах (с другой прошивкой, конечно)

Любая помощь приветствуется!

PS: Я имеюпрочитайте ответы на этот вопрос , но безрезультатно.Я также подтвердил это с другим D315 и curl 7.52.1 в Debian и обновил прошивку телефона до последней версии.


Подробнее

curl

Вот вывод curl --trace-ascii --trace-time --insecure --user admin:password https://172.16.99.61/settings.xml:

11:31:18.201318 == Info:   Trying 172.16.99.61...
11:31:18.201651 == Info: TCP_NODELAY set
11:31:18.202233 == Info: Connected to 172.16.99.61 (172.16.99.61) port 443 (#0)
11:31:18.205540 == Info: ALPN, offering http/1.1
11:31:18.205555 == Info: WARNING: disabling hostname validation also disables SNI.
11:31:18.267158 == Info: TLS 1.2 connection using TLS_RSA_WITH_AES_128_GCM_SHA256
11:31:18.267184 == Info: ALPN, server did not agree to a protocol
11:31:18.270517 == Info: Server certificate: xxxxxxxxxxxx
11:31:18.270615 == Info: Server certificate: Snom Phone 1
11:31:18.270712 == Info: Server certificate: Snom Technology AG CA
11:31:18.270730 == Info: Server auth using Basic with user 'admin'
11:31:18.270784 => Send header, 131 bytes (0x83)
0000: GET /settings.xml HTTP/1.1
001c: Host: 172.16.99.61
0030: Authorization: Basic XXXXXXXXXXXXXXXXXXX=
005b: User-Agent: curl/7.62.0
0074: Accept: */*
0081: 
11:31:18.391320 == Info: Empty reply from server
11:31:18.391337 == Info: Connection #0 to host 172.16.99.61 left intact

И это соответствующий журнал с телефона, о котором идет речь:

Nov 13 11:31:17.394 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [DEBUG2] PHN: WEB: HTTP 944/443 accepted from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 handshake start
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 SSL_accept/0 before/accept initialization (0)
Nov 13 11:31:17.396 [DEBUG2] PHN: WEB: HTTP 944/443 connected
Nov 13 11:31:17.399 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:31:17.400 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.408 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 handshake done
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 SetHandshakeFinished()
Nov 13 11:31:17.463 [INFO ] PHN: WEB: Request 944/131/0: GET /settings.xml HTTP/1.1
Nov 13 11:31:17.464 [INFO ] PHN: WEB: 944 Basic authentication.
Nov 13 11:31:17.582 [DEBUG2] PHN: WEB: HTTP 944/443 disconnecting
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 disconnected
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 deleted

wget

Вот выводwget --verbose --no-check-certificate --server-response -O- https://admin:password@172.16.99.61/settings.xml >/dev/null:

-2018-11-13 11:34:35--  https://admin:*password*@172.16.99.61/settings.xml
Connecting to 172.16.99.61:443... connected.
WARNING: cannot verify 172.16.99.61's certificate, issued by 'emailAddress=security@snom.com,CN=Snom Phone 1,O=Snom Technology AG,L=Berlin,ST=Berlin,C=DE':
  Self-signed certificate encountered.
    WARNING: certificate common name 'xxxxxxxxxxxx' doesn't match requested host name '172.16.99.61'.
HTTP request sent, awaiting response...
  HTTP/1.1 401 Unauthorized
  WWW-Authenticate: Basic realm="snom"
  Content-Type: text/plain
  Content-Length: 22
Authentication selected: Basic realm="snom"
Reusing existing connection to 172.16.99.61:443.
HTTP request sent, awaiting response...
  HTTP/1.1 200 Ok
  Server: snom embedded
  Cache-Control: no-cache
  Cache-Control: no-store
  Content-Type: text/xml
  Content-Length: 110173
Length: 110173 (108K) [text/xml]
Saving to: 'STDOUT'
2018-11-13 11:34:36 (2.39 MB/s) - written to stdout [110173/110173]

А это журнал с телефона:

Nov 13 11:34:35.023 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [DEBUG2] PHN: WEB: HTTP 974/443 accepted from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 handshake start
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 before/accept initialization (0)
Nov 13 11:34:35.025 [DEBUG2] PHN: WEB: HTTP 974/443 connected
Nov 13 11:34:35.028 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:34:35.029 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.034 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:34:35.072 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write session ticket A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 handshake done
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:34:35.075 [DEBUG2] TLS: 0x8dd4c0 SetHandshakeFinished()
Nov 13 11:34:35.079 [INFO ] PHN: WEB: Request 974/154/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.080 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.080 [INFO ] PHN: Authentication triggered. Set flag back.
Nov 13 11:34:35.082 [INFO ] PHN: WEB: Request 974/197/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.083 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 disconnected
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 deleted

1 Ответ

0 голосов
/ 14 ноября 2018

Теперь это интересно: добавление заголовка Connection: keep-alive вручную заставляет все работать:

$ curl -sSL -D - -o /dev/null --insecure -H 'Connection: keep-alive' --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:18:13 CET 2018
HTTP/1.1 200 Ok
Server: snom embedded
Cache-Control: no-cache
Cache-Control: no-store
Content-Type: text/xml
Content-Length: 110192

В то время как без него это не:

$ curl -sSL -D - -o /dev/null --insecure --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:19:53 CET 2018
curl: (52) Empty reply from server
...