将 CURL 请求转换为 PHP CURL
transform CURL request to PHP CURL
我有这个 Curl 请求:
curl.exe -k --proxy-ntlm --proxy-user : --proxy http://proxyurl:80 -E C:\temp\certificat.pem:certifPassword -H depth:1 -X PROPFIND https://www.url.fr/to/webdav/number/folder/ > retour.xml
我必须用 php 脚本翻译它。所以我这样做了:
$ch = curl_init();
$urlPropfind = "https://www.url.fr/to/webdav/number/folder/";
$certifPropfind = __DIR__."/certificats/certificat.pem";
$passwordPropfind = "certifPassword";
$header = "depth:1";
//Proxy config
$proxyAdresse = "http://proxyUrl";
$proxyIp = "192.168.0.1"; //I change IP for security
$proxyPort = 80;
$proxyIdentification = "proxyUser:proxyPassword";
curl_setopt($ch, CURLOPT_PROXY, $proxyIp);
curl_setopt($ch, CURLOPT_PROXYPORT, $proxyPort);
curl_setopt($ch, CURLOPT_PROXYTYPE, 'HTTP');
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSLCERT, $certifPropfind);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $passwordPropfind);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $urlPropfind);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
$output = curl_exec($ch);
var_dump($output);
var_dump(curl_getinfo($ch));
curl_close($ch);
但是我的 curl return FALSE 所以我不明白我做错了什么?
错误:
HTTP/1.1 200 连接已建立 <
* 代理回复 OK 到 CONNECT 请求
* CA文件:/etc/pki/tls/certs/ca-bundle.crt CA路径:none
* NSS:未找到客户端证书:certServeurTM.pem
* NSS 错误 -12227 (SSL_ERROR_HANDSHAKE_FAILURE_ALERT)
* SSL 对等方无法协商一组可接受的安全参数。
* 关闭连接 2
和
- 正在使用证书路径初始化 NSS:sql:/etc/pki/nssdb
- CA文件:/etc/pki/tls/certs/ca-bundle.crt CA路径:none
- 无法加载客户端密钥:-8178 (SEC_ERROR_BAD_KEY)
- NSS 错误 -8178 (SEC_ERROR_BAD_KEY)
- 同伴的 public 密钥无效。
- 正在关闭连接 0
编辑
我将其转换为 PHP & 这是我的 :
curl_setopt($ch, CURLOPT_URL, $urlPropfind);
curl_setopt($ch, CURLOPT_NOPROGRESS, true);
curl_setopt($ch, CURLOPT_PROXY, $proxyAdresse);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERAGENT, "curl/7.29.0");
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
curl_setopt($ch, CURLOPT_MAXREDIRS, 50);
curl_setopt($ch, CURLOPT_KEYPASSWD, "/var/www/html/myapplication/certificats/certServeurTM.pem:toulouse31");
curl_setopt($ch, CURLOPT_SSLCERT, "certServeurTM.pem");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_setopt( $ch, CURLOPT_VERBOSE, true );
curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );
& 我收到的消息(只有消息的结尾。在获得证书之前一切都很好):
HTTP/1.1 200 Connection established < * Proxy replied OK to CONNECT request * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS: client certificate not found: certServeurTM.pem * NSS error -12227 (SSL_ERROR_HANDSHAKE_FAILURE_ALERT) * SSL peer was unable to negotiate an acceptable set of security parameters. * Closing connection 2
我加了
curl_setopt($ch, CURLOPT_CAPATH, "/var/www/html/myapplication/certificats");
& 我看到以下消息
failed to load '/var/www/html/myapplication/certificats/certServeurTM.pem' from CURLOPT_CAPATH
将以下代码添加到您的脚本中,在最后一个 curl_setopt 之后,看看您得到什么输出:
curl_setopt( $ch, CURLOPT_VERBOSE, true );
curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );
这将为您提供有关问题所在的线索。如果您无法自行解决问题,请使用新代码的输出更新您的问题。
通过检查curl的--libcurl参数,似乎:
您忘记将 CURLOPT_PROXYAUTH 设置为 CURLAUTH_NTLM。
您忘记将 CURLOPT_USERAGENT 设置为您的 curl 版本(curl cli 会自动执行此操作,libcurl 不会。在我的系统上,它是 "curl/7.52.1")。
你好像把 CURLOPT_SSLCERTPASSWD 和 CURLOPT_KEYPASSWD 混在一起了。
这是 --libcurl 文件,您可以尝试将其转换为 PHP:
/********* Sample code generated by the curl command line tool **********
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
#include <curl/curl.h>
int main(int argc, char *argv[])
{
CURLcode ret;
CURL *hnd;
struct curl_slist *slist1;
slist1 = NULL;
slist1 = curl_slist_append(slist1, "depth:1");
hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_URL, "https://www.url.fr/to/webdav/number/folder/");
curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 1L);
curl_easy_setopt(hnd, CURLOPT_PROXY, "http://proxyurl:80");
curl_easy_setopt(hnd, CURLOPT_PROXYUSERPWD, ":");
curl_easy_setopt(hnd, CURLOPT_PROXYAUTH, (long)CURLAUTH_NTLM);
curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/7.52.1");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, slist1);
curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, (long)CURL_HTTP_VERSION_2TLS);
curl_easy_setopt(hnd, CURLOPT_KEYPASSWD, "tempcertificat.pem:certifPassword");
curl_easy_setopt(hnd, CURLOPT_SSLCERT, "C");
curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L);
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
/* Here is a list of options the curl code used that cannot get generated
as source easily. You may select to either not use them or implement
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
CURLOPT_SEEKDATA set to a objectpointer
CURLOPT_SEEKFUNCTION set to a functionpointer
CURLOPT_ERRORBUFFER set to a objectpointer
CURLOPT_STDERR set to a objectpointer
CURLOPT_HEADERFUNCTION set to a functionpointer
CURLOPT_HEADERDATA set to a objectpointer
*/
ret = curl_easy_perform(hnd);
curl_easy_cleanup(hnd);
hnd = NULL;
curl_slist_free_all(slist1);
slist1 = NULL;
return (int)ret;
}
/**** End of sample code ****/
终于明白了!!
其实负责管理证书的人忘了告诉我,我需要另一个私钥和私钥...
所以这是我的最终代码:
curl_setopt($ch, CURLOPT_URL, $urlPropfind);
curl_setopt($ch, CURLOPT_NOPROGRESS, true);
curl_setopt($ch, CURLOPT_PROXY, $proxyAdresse);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERAGENT, "curl/7.29.0");
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
curl_setopt($ch, CURLOPT_MAXREDIRS, 50);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, "toulouse31");
curl_setopt($ch, CURLOPT_SSLCERT, "/var/www/html/myapplication/certificats/certServeurTM.pem");
curl_setopt($ch, CURLOPT_SSLCERT, "/var/www/html/myapplication/certificats/default.crt");
curl_setopt($ch, CURLOPT_SSLKEY, "/var/www/html/myapplication/certificats/default.privkey");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt( $ch, CURLOPT_VERBOSE, true );
curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );
谢谢大家的帮助:)
我有这个 Curl 请求:
curl.exe -k --proxy-ntlm --proxy-user : --proxy http://proxyurl:80 -E C:\temp\certificat.pem:certifPassword -H depth:1 -X PROPFIND https://www.url.fr/to/webdav/number/folder/ > retour.xml
我必须用 php 脚本翻译它。所以我这样做了:
$ch = curl_init();
$urlPropfind = "https://www.url.fr/to/webdav/number/folder/";
$certifPropfind = __DIR__."/certificats/certificat.pem";
$passwordPropfind = "certifPassword";
$header = "depth:1";
//Proxy config
$proxyAdresse = "http://proxyUrl";
$proxyIp = "192.168.0.1"; //I change IP for security
$proxyPort = 80;
$proxyIdentification = "proxyUser:proxyPassword";
curl_setopt($ch, CURLOPT_PROXY, $proxyIp);
curl_setopt($ch, CURLOPT_PROXYPORT, $proxyPort);
curl_setopt($ch, CURLOPT_PROXYTYPE, 'HTTP');
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSLCERT, $certifPropfind);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $passwordPropfind);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $urlPropfind);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
$output = curl_exec($ch);
var_dump($output);
var_dump(curl_getinfo($ch));
curl_close($ch);
但是我的 curl return FALSE 所以我不明白我做错了什么?
错误:
HTTP/1.1 200 连接已建立 < * 代理回复 OK 到 CONNECT 请求 * CA文件:/etc/pki/tls/certs/ca-bundle.crt CA路径:none * NSS:未找到客户端证书:certServeurTM.pem * NSS 错误 -12227 (SSL_ERROR_HANDSHAKE_FAILURE_ALERT) * SSL 对等方无法协商一组可接受的安全参数。 * 关闭连接 2
和
- 正在使用证书路径初始化 NSS:sql:/etc/pki/nssdb
- CA文件:/etc/pki/tls/certs/ca-bundle.crt CA路径:none
- 无法加载客户端密钥:-8178 (SEC_ERROR_BAD_KEY)
- NSS 错误 -8178 (SEC_ERROR_BAD_KEY)
- 同伴的 public 密钥无效。
- 正在关闭连接 0
编辑
我将其转换为 PHP & 这是我的 :
curl_setopt($ch, CURLOPT_URL, $urlPropfind);
curl_setopt($ch, CURLOPT_NOPROGRESS, true);
curl_setopt($ch, CURLOPT_PROXY, $proxyAdresse);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERAGENT, "curl/7.29.0");
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
curl_setopt($ch, CURLOPT_MAXREDIRS, 50);
curl_setopt($ch, CURLOPT_KEYPASSWD, "/var/www/html/myapplication/certificats/certServeurTM.pem:toulouse31");
curl_setopt($ch, CURLOPT_SSLCERT, "certServeurTM.pem");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_setopt( $ch, CURLOPT_VERBOSE, true );
curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );
& 我收到的消息(只有消息的结尾。在获得证书之前一切都很好):
HTTP/1.1 200 Connection established < * Proxy replied OK to CONNECT request * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS: client certificate not found: certServeurTM.pem * NSS error -12227 (SSL_ERROR_HANDSHAKE_FAILURE_ALERT) * SSL peer was unable to negotiate an acceptable set of security parameters. * Closing connection 2
我加了
curl_setopt($ch, CURLOPT_CAPATH, "/var/www/html/myapplication/certificats");
& 我看到以下消息
failed to load '/var/www/html/myapplication/certificats/certServeurTM.pem' from CURLOPT_CAPATH
将以下代码添加到您的脚本中,在最后一个 curl_setopt 之后,看看您得到什么输出:
curl_setopt( $ch, CURLOPT_VERBOSE, true );
curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );
这将为您提供有关问题所在的线索。如果您无法自行解决问题,请使用新代码的输出更新您的问题。
通过检查curl的--libcurl参数,似乎:
您忘记将 CURLOPT_PROXYAUTH 设置为 CURLAUTH_NTLM。
您忘记将 CURLOPT_USERAGENT 设置为您的 curl 版本(curl cli 会自动执行此操作,libcurl 不会。在我的系统上,它是 "curl/7.52.1")。
你好像把 CURLOPT_SSLCERTPASSWD 和 CURLOPT_KEYPASSWD 混在一起了。
这是 --libcurl 文件,您可以尝试将其转换为 PHP:
/********* Sample code generated by the curl command line tool **********
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
#include <curl/curl.h>
int main(int argc, char *argv[])
{
CURLcode ret;
CURL *hnd;
struct curl_slist *slist1;
slist1 = NULL;
slist1 = curl_slist_append(slist1, "depth:1");
hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_URL, "https://www.url.fr/to/webdav/number/folder/");
curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 1L);
curl_easy_setopt(hnd, CURLOPT_PROXY, "http://proxyurl:80");
curl_easy_setopt(hnd, CURLOPT_PROXYUSERPWD, ":");
curl_easy_setopt(hnd, CURLOPT_PROXYAUTH, (long)CURLAUTH_NTLM);
curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/7.52.1");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, slist1);
curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, (long)CURL_HTTP_VERSION_2TLS);
curl_easy_setopt(hnd, CURLOPT_KEYPASSWD, "tempcertificat.pem:certifPassword");
curl_easy_setopt(hnd, CURLOPT_SSLCERT, "C");
curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L);
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
/* Here is a list of options the curl code used that cannot get generated
as source easily. You may select to either not use them or implement
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
CURLOPT_SEEKDATA set to a objectpointer
CURLOPT_SEEKFUNCTION set to a functionpointer
CURLOPT_ERRORBUFFER set to a objectpointer
CURLOPT_STDERR set to a objectpointer
CURLOPT_HEADERFUNCTION set to a functionpointer
CURLOPT_HEADERDATA set to a objectpointer
*/
ret = curl_easy_perform(hnd);
curl_easy_cleanup(hnd);
hnd = NULL;
curl_slist_free_all(slist1);
slist1 = NULL;
return (int)ret;
}
/**** End of sample code ****/
终于明白了!!
其实负责管理证书的人忘了告诉我,我需要另一个私钥和私钥...
所以这是我的最终代码:
curl_setopt($ch, CURLOPT_URL, $urlPropfind);
curl_setopt($ch, CURLOPT_NOPROGRESS, true);
curl_setopt($ch, CURLOPT_PROXY, $proxyAdresse);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERAGENT, "curl/7.29.0");
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
curl_setopt($ch, CURLOPT_MAXREDIRS, 50);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, "toulouse31");
curl_setopt($ch, CURLOPT_SSLCERT, "/var/www/html/myapplication/certificats/certServeurTM.pem");
curl_setopt($ch, CURLOPT_SSLCERT, "/var/www/html/myapplication/certificats/default.crt");
curl_setopt($ch, CURLOPT_SSLKEY, "/var/www/html/myapplication/certificats/default.privkey");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt( $ch, CURLOPT_VERBOSE, true );
curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );
谢谢大家的帮助:)