linux C libcurl https 使用

最新推荐文章于 2022-06-22 11:48:24 发布

轻飘风扬

最新推荐文章于 2022-06-22 11:48:24 发布

阅读量1.6w

点赞数 1

分类专栏：【工作总结】文章标签： linux C libcurl http error14077410 curl 7.35.0

本文链接：https://blog.csdn.net/sjin_1314/article/details/17392675

版权

【工作总结】专栏收录该内容

47 篇文章

订阅专栏

本文探讨了使用libcurl进行HTTPS服务器单向认证时遇到的常见错误：SSL23_GET_SERVER_HELLO:tlsv1alertinternalerror。通过调整设置和配置SSL版本及密钥，解决了连接失败的问题。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

最近一直在测试libcurl使用https服务器单向认证的情况，一直在查找原因和调试。主要出现在下面的问题上：

routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error

这个问题的解决思路可以在下面链接中找到：

http://georgik.sinusgear.com/2012/02/19/tomcat-7-and-curl-ssl23_get_server_hellotlsv1-alert-internal-error/

在server.xml中增加下面的内容：

ciphers="SSL_RSA_WITH_RC4_128_SHA"

If you're running curl 7.35.0 and run into this error in php when trying to connect to a remote host:

35 - error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

it means you need to tell curl to use sslv3 and also use the sslv3 ciphers, ensure you have these curl_setopt settings, eg:

curl_setopt($ch, CURLOPT_SSLVERSION, 3);
curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'SSLv3');

下面是libcurl 的测试代码：

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <curl/curl.h>

static size_t save_response_callback(void *buffer,size_t size,size_t count,void **response)
{
	char * ptr = NULL;
	printf("buffer is %s\n",(char *)buffer);
	ptr =(char *) malloc(count*size + 4);
	memcpy(ptr,buffer,count*size);
	*response = ptr;

	return count;
}

int main(int argc,char *argv[])
{
	CURL * curl;
	CURLcode res;
	char * response = NULL;

	if(argc !=2){
        printf("Usage:file<url>;\n");
		return;
	}
	
	//curl_global_init(CURL_GLOBAL_DEFAULT);

	curl = curl_easy_init();
   
	if(curl!=NULL){
        printf("Usage:file<%s>;\n",argv[1]);
		curl_easy_setopt(curl,CURLOPT_URL,argv[1]);
		curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,&save_response_callback);
		curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response);
        curl_easy_setopt(curl,CURLOPT_COOKIESESSION,1L);
		curl_easy_setopt(curl,CURLOPT_COOKIEFILE,"/dev/null");
		curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,1);
		//curl_easy_setopt(curl,CURLOPT_CAPATH,"/etc/ssl/cert/");
		curl_easy_setopt(curl,CURLOPT_CAINFO,"ca-cert.pem");

		curl_easy_setopt(curl,CURLOPT_SSL_VERIFYHOST,1);
		curl_easy_setopt(curl,CURLOPT_VERBOSE,1L);
		curl_easy_setopt(curl,CURLOPT_TIMEOUT,30);
#if 0
		/* 双向验证下面是客户端的ＣＡ*/
	//	curl_easy_setopt(curl,CURLOPT_CAPATH,"./");
		curl_easy_setopt(curl,CURLOPT_SSLCERT,"client-cert.pem");
		curl_easy_setopt(curl,CURLOPT_SSLCERTPASSWD,"password");
		curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM");
		curl_easy_setopt(curl,CURLOPT_SSLKEY,"client-key.pem");
		curl_easy_setopt(curl,CURLOPT_SSLKEYPASSWD,"password");
		curl_easy_setopt(curl,CURLOPT_SSLKEYTYPE,"PEM");
#endif

		res = curl_easy_perform(curl);
		if(res != CURLE_OK){

             printf("curl_wasy_perform error = %s",curl_easy_strerror(res));
		}
        printf("response<%s>\n",response);

		curl_easy_cleanup(curl);
	}


}

参考资料：

源码测试用例： http://curl.haxx.se/libcurl/c/https.html

教程： http://blog.csdn.net/jgood/article/details/4787670

ＳＳＬ证书制作：http://blog.chinaunix.net/uid-7591044-id-1742977.html　