Menu
Search

Forums

Forum Index

Thread overview
CURL: A TLS packet with unexpected length was received.
Oct 18, 2016
Nrgyzer
Oct 18, 2016
Adam D. Ruppe
Oct 18, 2016
Nrgyzer
October 18, 2016
Gravatar of NrgyzerPosted by NrgyzerReply
Nrgyzer
Gravatar of Nrgyzer


Reply
Hi everyone,
I'm trying to retrieve some data from a url using curl. I'm using the following code here:

void main()
{
        ubyte[] data;

        CURL* curl = curl_easy_init();
        curl_easy_setopt(curl, CurlOption.url, "<Private HTTPS Url>".toStringz);
        curl_easy_setopt(curl, CurlOption.writefunction, &callback);
        curl_easy_setopt(curl, CURLOPT_WRITEDATA, &data);
        curl_easy_setopt(curl, CurlOption.ssl_verifyhost, false);
        curl_easy_setopt(curl, CurlOption.ssl_verifypeer, false);
        curl_easy_setopt(curl, CurlOption.verbose, 1);

	curl_easy_perform(curl);

        curl_easy_cleanup(curl);
}

But it's not working. I'm always getting the following error:

* About to connect() to <Private HTTPS Url> 443 (#0)
*   Trying <IP Address>...
* Connected to <Private HTTPS Url> (<IP Address>) port 443 (#0)
* found 160 certificates in /etc/ssl/certs/ca-certificates.crt
* gnutls_handshake() failed: A TLS packet with unexpected length was received.
* Closing connection 0

When using the get()-function provided by std.net.curl:

void main()
{
        get("<Private HTTPS Url>");
        // OR:
        HTTP h = HTTP("<Private HTTPS Url>");
        h.verifyHost = false;
        h.verifyPeer = false;
        h.verbose = true;
        h.perform();

}

I'm getting a similar error:

* About to connect() to <Private HTTPS Url> port 443 (#0)
*   Trying <IP Address>...
* Connected to <Private HTTPS Url> (<IP Address>) port 443 (#0)
* found 160 certificates in /etc/ssl/certs/ca-certificates.crt
* gnutls_handshake() failed: A TLS packet with unexpected length was received.
* Closing connection 0
std.net.curl.CurlException@/home/build/tmp/build/.build/src/gcc-5.2.0/libphobos/src/std/net/curl.d(3606): SSL connect error on handle 1C76E0
----------------
0x86363 pure @safe bool std.exception.enforceEx!(std.net.curl.CurlException).enforceEx!(bool).enforceEx(bool, lazy immutable(char)[], immutable(char)[], uint)
        /home/build/tmp/build/.build/src/gcc-5.2.0/libphobos/src/std/exception.d:546
0x79eff void std.net.curl.Curl._check(int)
        /home/build/tmp/build/.build/src/gcc-5.2.0/libphobos/src/std/net/curl.d:3606
0x7be2b int std.net.curl.Curl.perform(bool)
        /home/build/tmp/build/.build/src/gcc-5.2.0/libphobos/src/std/net/curl.d:3721
0x7be2b int std.net.curl.HTTP._perform(bool)
        /home/build/tmp/build/.build/src/gcc-5.2.0/libphobos/src/std/net/curl.d:2234
0xee23 _Dmain
        ???:0
0x154e3 _D2rt6dmain211_d_run_mainUiPPaPUAAaZiZ6runAllMFZ9__lambda1MFZv
        /home/build/tmp/build/.build/src/gcc-5.2.0/libphobos/libdruntime/rt/dmain2.d:411
0x156a7 void rt.dmain2._d_run_main(int, char**, extern (C) int function(char[][])*).tryExec(scope void delegate())
        /home/build/tmp/build/.build/src/gcc-5.2.0/libphobos/libdruntime/rt/dmain2.d:386
0x15abf void rt.dmain2._d_run_main(int, char**, extern (C) int function(char[][])*).runAll()
        /home/build/tmp/build/.build/src/gcc-5.2.0/libphobos/libdruntime/rt/dmain2.d:411
0x156a7 void rt.dmain2._d_run_main(int, char**, extern (C) int function(char[][])*).tryExec(scope void delegate())
        /home/build/tmp/build/.build/src/gcc-5.2.0/libphobos/libdruntime/rt/dmain2.d:386
0x1582f _d_run_main
        /home/build/tmp/build/.build/src/gcc-5.2.0/libphobos/libdruntime/rt/dmain2.d:419
0xec8f main
        ???:0
0xb6d83451 __libc_start_main
        ???:0

I want skip the ssl-validation but it seems that curl is always trying to verify the ssl certificate, although I think I've disabled it by setting ssl_verifyhost and ssl_verifypeer to false/0. I can use other ssl urls without any problems...
I'm using the latest gdc arm compiler with dmd 2.066.1

I hope anyone know what I'm doing wrong here :)
October 18, 2016
Gravatar of Adam D. RuppePosted by Adam D. Ruppe
in reply to Nrgyzer		Reply
Adam D. Ruppe
Gravatar of Adam D. Ruppe
Posted in reply to Nrgyzer


Reply
On Tuesday, 18 October 2016 at 17:39:45 UTC, Nrgyzer wrote:
> But it's not working. I'm always getting the following error:

What happens if you go to that HTTPS url in your normal web browser?

I kinda expect the server isn't actually running https.
October 18, 2016
Gravatar of NrgyzerPosted by Nrgyzer
in reply to Adam D. Ruppe		Reply
Nrgyzer
Gravatar of Nrgyzer
Posted in reply to Adam D. Ruppe


Reply
On Tuesday, 18 October 2016 at 17:49:16 UTC, Adam D. Ruppe wrote:
> On Tuesday, 18 October 2016 at 17:39:45 UTC, Nrgyzer wrote:
>> But it's not working. I'm always getting the following error:
>
> What happens if you go to that HTTPS url in your normal web browser?
>
> I kinda expect the server isn't actually running https.

I can access the page and when I run curl from the cli I'm also retrieving the data:

odroid@odroid-server:/tmp/arm-unknown-linux-gnueabihf/bin$ curl <Private HTTPS Url> -verbose >> /tmp/test
* About to connect() to <Private HTTPS Url> port 443 (#0)
*   Trying <Ip Address>...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to <Private HTTPS Url> (<Ip Address>) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Server hello (2):
{ [data not shown]
* SSLv3, TLS handshake, CERT (11):
{ [data not shown]
* SSLv3, TLS handshake, Server key exchange (12):
{ [data not shown]
* SSLv3, TLS handshake, Server finished (14):
{ [data not shown]
* SSLv3, TLS handshake, Client key exchange (16):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Finished (20):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
{ [data not shown]
* SSLv3, TLS handshake, Finished (20):
{ [data not shown]
* SSL connection using ECDHE-RSA-AES256-SHA
* Server certificate:
*        subject: <Hidden for privacy purposes>
*        start date: 2015-11-14 00:00:00 GMT
*        expire date: 2016-11-19 23:59:59 GMT
*        subjectAltName: <Hidden for privacy purposes> matched
*        issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Extended Validation Secure Server CA
*        SSL certificate verify ok.
> GET /api/GetMarkets HTTP/1.1
> User-Agent: curl/7.29.0
> Host: <Private HTTPS Url>
> Accept: */*
> Referer: rbose
>
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0< HTTP/1.1 200 OK
< Cache-Control: no-cache
< Pragma: no-cache
< Content-Type: application/json; charset=utf-8
< Expires: -1
< Server: Microsoft-IIS/8.5
< X-AspNet-Version: 4.0.30319
< Date: Tue, 18 Oct 2016 17:57:54 GMT
< Content-Length: 567103
<
{ [data not shown]
100  553k  100  553k    0     0   219k      0  0:00:02  0:00:02 --:--:--  219k
* Connection #0 to host <Private HTTPS Url> left intact