libcurl HTTPS重定向触发电子围栏错误
libcurl HTTPS redirect triggers electric-fence error
我目前正在使用 ArchLinux 4.7.2-1 x86_64 服务器并尝试使用 libcurl 为 HTTP(S) 请求编写应用程序。
所以例如我做这样的事情:
#include <curl/curl.h>
int main(void)
{
CURL* curl_handle = curl_easy_init();
curl_easy_setopt(curl_handle, CURLOPT_URL, "https://google.at");
curl_easy_setopt(curl_handle, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS | CURLPROTO_HTTP);
curl_easy_setopt(curl_handle, CURLOPT_FOLLOWLOCATION, 1L);
curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(curl_handle, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
curl_easy_perform(curl_handle);
curl_easy_cleanup(curl_handle);
return 0;
}
我知道我必须指定一个 WriteFunction 来接收响应正文,但这不是问题所在。
只要响应不包含重定向 URL 一切都很好。但是,当涉及到 (HTTPS) 重定向时,OpenSSL 内部出现了一些中断。
* Rebuilt URL to: https://google.at/
* Trying 172.217.21.99...
* Connected to google.at (172.217.21.99) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=*.google.at
* start date: Aug 24 10:10:00 2016 GMT
* expire date: Nov 16 10:10:00 2016 GMT
* subjectAltName: host "google.at" matched cert's "google.at"
* issuer: C=US; O=Google Inc; CN=Google Internet Authority G2
* SSL certificate verify ok.
> GET / HTTP/1.1
Host: google.at
User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Accept: */*
< HTTP/1.1 301 Moved Permanently
< Location: https://www.google.at/
< Content-Type: text/html; charset=UTF-8
< Date: Fri, 02 Sep 2016 11:42:53 GMT
< Expires: Sun, 02 Oct 2016 11:42:53 GMT
< Cache-Control: public, max-age=2592000
< Server: gws
< Content-Length: 219
< X-XSS-Protection: 1; mode=block
< X-Frame-Options: SAMEORIGIN
< Alt-Svc: quic=":443"; ma=2592000; v="36,35,34,33,32,31,30"
<
* Ignoring the response-body
* Connection #0 to host google.at left intact
* Issue another request to this URL: 'https://www.google.at/'
* Trying 216.58.201.163...
* Connected to www.google.at (216.58.201.163) port 443 (#1)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
ElectricFence Exiting: mprotect() failed: Cannot allocate memory
顺便说一句。我正在使用
- OpenSSL 1.0.2g
- 电子围栏2.2.0
- libcurl 7.49.1
- zlib 1.2.8
- g++ 6.1.1
有谁知道导致这个问题的原因并有解决办法吗?
如果我忘记了重要信息,请随时询问。
为了消除这个错误,我按照 Understanding the output of electric fence and gdb:
提供的说明进行操作
echo 128000 > /proc/sys/vm/max_map_count
将内存映射区域增加到 128000 做到了。
我目前正在使用 ArchLinux 4.7.2-1 x86_64 服务器并尝试使用 libcurl 为 HTTP(S) 请求编写应用程序。 所以例如我做这样的事情:
#include <curl/curl.h>
int main(void)
{
CURL* curl_handle = curl_easy_init();
curl_easy_setopt(curl_handle, CURLOPT_URL, "https://google.at");
curl_easy_setopt(curl_handle, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS | CURLPROTO_HTTP);
curl_easy_setopt(curl_handle, CURLOPT_FOLLOWLOCATION, 1L);
curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(curl_handle, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
curl_easy_perform(curl_handle);
curl_easy_cleanup(curl_handle);
return 0;
}
我知道我必须指定一个 WriteFunction 来接收响应正文,但这不是问题所在。 只要响应不包含重定向 URL 一切都很好。但是,当涉及到 (HTTPS) 重定向时,OpenSSL 内部出现了一些中断。
* Rebuilt URL to: https://google.at/
* Trying 172.217.21.99...
* Connected to google.at (172.217.21.99) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=*.google.at
* start date: Aug 24 10:10:00 2016 GMT
* expire date: Nov 16 10:10:00 2016 GMT
* subjectAltName: host "google.at" matched cert's "google.at"
* issuer: C=US; O=Google Inc; CN=Google Internet Authority G2
* SSL certificate verify ok.
> GET / HTTP/1.1
Host: google.at
User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Accept: */*
< HTTP/1.1 301 Moved Permanently
< Location: https://www.google.at/
< Content-Type: text/html; charset=UTF-8
< Date: Fri, 02 Sep 2016 11:42:53 GMT
< Expires: Sun, 02 Oct 2016 11:42:53 GMT
< Cache-Control: public, max-age=2592000
< Server: gws
< Content-Length: 219
< X-XSS-Protection: 1; mode=block
< X-Frame-Options: SAMEORIGIN
< Alt-Svc: quic=":443"; ma=2592000; v="36,35,34,33,32,31,30"
<
* Ignoring the response-body
* Connection #0 to host google.at left intact
* Issue another request to this URL: 'https://www.google.at/'
* Trying 216.58.201.163...
* Connected to www.google.at (216.58.201.163) port 443 (#1)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
ElectricFence Exiting: mprotect() failed: Cannot allocate memory
顺便说一句。我正在使用
- OpenSSL 1.0.2g
- 电子围栏2.2.0
- libcurl 7.49.1
- zlib 1.2.8
- g++ 6.1.1
有谁知道导致这个问题的原因并有解决办法吗? 如果我忘记了重要信息,请随时询问。
为了消除这个错误,我按照 Understanding the output of electric fence and gdb:
提供的说明进行操作echo 128000 > /proc/sys/vm/max_map_count
将内存映射区域增加到 128000 做到了。