Den 2022-11-23 kl. 09:28, skrev Daniel Hallberg via curl-library:
Hello,
I want to move my backend software to a new server but when running it
on the new server I often (but not always) get "CURLcode: 35 (SSL
connect error)" for some unknown reason (I don't think I've ever seen
that issue on the old server).
The backend source code is identical on the servers, the difference I
see is that the new server has newer curl & OpenSSL available:
Old server:
Backend build 384 starting.
libcurl info:
-> age: 7
-> version: 7.74.0-DEV
-> ssl_version: OpenSSL/1.1.1f
-> features: AsynchDNS HTTP2 HTTPS-proxy IPv6 Largefile NTLM NTLM_WB
SSL TLS-SRP UnixSockets libz
-> libz_version: 1.2.11
-> protocols: dict file ftp ftps gopher http https imap imaps mqtt
pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
-> ares: 1.15.0
-> libidn: 0
-> libssh_version: 0
-> brotli_version: 0
OpenSSL threading supported
New server:
Backend build 384 starting.
libcurl info:
-> age: 9
-> version: 7.86.0
-> ssl_version: OpenSSL/3.0.2
-> features: AsynchDNS HTTP2 HTTPS-proxy IPv6 Largefile NTLM NTLM_WB
SSL TLS-SRP UnixSockets libz
-> libz_version: 1.2.11
-> protocols: dict file ftp ftps gopher gophers http https imap imaps
mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
-> ares: 1.18.1
-> libidn: 0
-> libssh_version: 0
-> brotli_version: 0
OpenSSL threading supported
Any suggestions where to look / how to debug the issue?
Maybe there is some timeout I don't set in my code which was no
problem with the old curl version, but that the newer curl version use
another default value or something? Or do you think it has to do with
the different OpenSSL versions?
Best regards,
Daniel
Here's how I use curl btw:
CURLcode res;
CURL *curl = curl_easy_init();
#ifdef DEBUG_CURL
curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, debug_callback);
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
#endif
if (!curl) {
FILE_LOG(logERROR)<<"Error starting curl";
return false;
}
struct curl_slist *header = NULL;
header = curl_slist_append(header, "Accept-Language: sv");
header = curl_slist_append(header, "Accept: application/json");
//If we are authenticated, use our credentials
if(this->sessionKey != "")
{
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_BASIC);
curl_easy_setopt(curl, CURLOPT_USERNAME, this->sessionKey.c_str());
curl_easy_setopt(curl, CURLOPT_PASSWORD, this->sessionKey.c_str());
}
curl_easy_setopt(curl, CURLOPT_URL, murl.c_str());
if(method == "POST")
{
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data.c_str());
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, data.length());
}
else if(method == "POST-JSON")
{
header = curl_slist_append(header, "Content-Type: application/json");
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data.c_str());
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, data.length());
}
else if(method == "GET")
{
//Just don"t set post data
}
else if(method == "DELETE"){
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "DELETE");
}else if(method == "PUT"){
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "PUT");
header = curl_slist_append(header, "Content-Type: application/json");
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data.c_str());
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, data.length());
}
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, header);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION,
this->CurlWrite_CallbackFunc_StdString);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &s);
curl_easy_setopt(curl, CURLOPT_SHARE, sslShare);
curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L);
curl_easy_setopt(curl, CURLOPT_TCP_FASTOPEN, 1L);
res = curl_easy_perform(curl);
curl_slist_free_all(header);
curl_easy_cleanup(curl);
--
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette: https://curl.se/mail/etiquette.html
