curl 与浏览器的结果不同
curl does not have same result as browser
我正在尝试使用 curl 从命令行下载以下 URL。如果通过浏览器请求相同的 URL,它能够获取图像。但是对于 curl,服务器终止 SSL 握手。只是为了使用完全相同的参数;我从 google-chrome 和 firefox 尝试了 'developer tools' 的 curl 命令。但两者都因以下错误而失败。
这个问题之前在这里 here 被问过,但没有有效的答案。我按照建议尝试了 -http1.1 但没有成功。
https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg
(base) (15:39 test@testcomp ~) > curl -v 'https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg' -H 'Connection: keep-alive' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.131 Safari/537.36' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: en-US,en;q=0.9,hi;q=0.8,mr;q=0.7' -H 'If-None-Match: "90cbf2d5a81d51:da782"' -H 'If-Modified-Since: Fri, 03 May 2019 12:07:53 GMT' --compressed
* Trying 74.209.245.140...
* TCP_NODELAY set
* Connected to floridakeyswebcams.tv (74.209.245.140) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /home/sagham/anaconda2/ssl/cacert.pem
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to floridakeyswebcams.tv:443
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to floridakeyswebcams.tv:443
看来floridakeyswebcams.tv需要TLS1.3支持,使用--tlsv1.3参数,
curl --tlsv1.3 -v 'https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg'
这是我使用 --tlsv1.2 时得到的结果:
$ ./CURL.EXE https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg --tlsv1.2 -vv
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 74.209.245.140...
* TCP_NODELAY set
* Connected to floridakeyswebcams.tv (74.209.245.140) port 443 (#0)
* schannel: next InitializeSecurityContext failed: SEC_E_ALGORITHM_MISMATCH (0x80090331) - The client and server cannot communicate, because they do not possess a common algorit
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Closing connection 0
* schannel: shutting down SSL/TLS connection with floridakeyswebcams.tv port 443
curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_ALGORITHM_MISMATCH (0x80090331) - The client and server cannot communicate, because they do not possess a common algorit
这里是(大致上,由于某种原因打印顺序错误)如果我使用 --tlsv1.3:
./CURL.EXE https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg --tlsv1.3 -v
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
* TCP_NODELAY set
* Connected to floridakeyswebcams.tv (74.209.245.140) port 443 (#0)
> GET /sloppycam/camarchive/0807.jpg HTTP/1.1
> Host: floridakeyswebcams.tv
> User-Agent: curl/7.64.1
> Accept: */*
>
▒▒▒▒
\▒.▒:\▒.▒:▒▒
▒▒
%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
-截断的 jpg 二进制文件-
关于为什么这不是自动协商的问题仍然存在,我不确定,但我猜你的 TLS 后端不支持 tlv1.3,这可能与你刚刚得到的原因有关一个神秘的错误..
我正在尝试使用 curl 从命令行下载以下 URL。如果通过浏览器请求相同的 URL,它能够获取图像。但是对于 curl,服务器终止 SSL 握手。只是为了使用完全相同的参数;我从 google-chrome 和 firefox 尝试了 'developer tools' 的 curl 命令。但两者都因以下错误而失败。
这个问题之前在这里 here 被问过,但没有有效的答案。我按照建议尝试了 -http1.1 但没有成功。
https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg
(base) (15:39 test@testcomp ~) > curl -v 'https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg' -H 'Connection: keep-alive' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.131 Safari/537.36' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: en-US,en;q=0.9,hi;q=0.8,mr;q=0.7' -H 'If-None-Match: "90cbf2d5a81d51:da782"' -H 'If-Modified-Since: Fri, 03 May 2019 12:07:53 GMT' --compressed
* Trying 74.209.245.140...
* TCP_NODELAY set
* Connected to floridakeyswebcams.tv (74.209.245.140) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /home/sagham/anaconda2/ssl/cacert.pem
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to floridakeyswebcams.tv:443
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to floridakeyswebcams.tv:443
看来floridakeyswebcams.tv需要TLS1.3支持,使用--tlsv1.3参数,
curl --tlsv1.3 -v 'https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg'
这是我使用 --tlsv1.2 时得到的结果:
$ ./CURL.EXE https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg --tlsv1.2 -vv
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 74.209.245.140...
* TCP_NODELAY set
* Connected to floridakeyswebcams.tv (74.209.245.140) port 443 (#0)
* schannel: next InitializeSecurityContext failed: SEC_E_ALGORITHM_MISMATCH (0x80090331) - The client and server cannot communicate, because they do not possess a common algorit
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Closing connection 0
* schannel: shutting down SSL/TLS connection with floridakeyswebcams.tv port 443
curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_ALGORITHM_MISMATCH (0x80090331) - The client and server cannot communicate, because they do not possess a common algorit
这里是(大致上,由于某种原因打印顺序错误)如果我使用 --tlsv1.3:
./CURL.EXE https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg --tlsv1.3 -v
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
* TCP_NODELAY set
* Connected to floridakeyswebcams.tv (74.209.245.140) port 443 (#0)
> GET /sloppycam/camarchive/0807.jpg HTTP/1.1
> Host: floridakeyswebcams.tv
> User-Agent: curl/7.64.1
> Accept: */*
>
▒▒▒▒
\▒.▒:\▒.▒:▒▒
▒▒
%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
-截断的 jpg 二进制文件-
关于为什么这不是自动协商的问题仍然存在,我不确定,但我猜你的 TLS 后端不支持 tlv1.3,这可能与你刚刚得到的原因有关一个神秘的错误..