Home > Blockchain >  Stop when using libcurl on tuxedo after check certification
Stop when using libcurl on tuxedo after check certification

Time:09-30

I’m trying to use libcurl to call Rest API.

My server env : Oracle tuxedo(pro *c), AIX 7.1

It does work using command “curl” on prompt. I can also see the whole log by using verbose option.

But it keeps stopping when I tried to use it on client compiling with libcurl.

According to log.

It says…

  • Trying 123.456.789.00:443…
  • Connected to “api url”(123.456.789.00) port 443 (#0)
  • ALPN, offering http/1.1
  • Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
  • successfully set certificate verify locations :
  • CAfile: /var/ssl/cert.pem
  • CApath: /var/ssl/certs/

And it stopped here!!!!

When I use curl command on prompt It says exactly same, But keeps going…

  • TLSv1.2 (OUT), TLS header, Certificate Status (22):
  • TLSv1.2 (OUT), TLS handshake, Client hello (1): … … Etc…

I have no idea what causes this And what is the difference…

Can anybody give me some advice please?

Or is there any other way to call RestAPI easily on Pro *C or C?

========================================

All I did is using sample of libcurl.

static sample(){
    CURL *curl;
    CURLcode res;

    curl = curl_easy_init();

    struct curl_slist *list = NULL;

    if(curl){
        curl_easy_setopt(curl, CURLOPT_URL, "https://ApiUrl.here");
        list = curl_slist_append(list, "Content-Type: application/json");
        list = curl_slist_append(list, "ApiKey : realKey");

        curl_easy_setopt(curl, CURLOPT_HTTPHEADER, list);
        curl_easy_setopt(curl, CURLOPT_SSLVERIFYPEER, 1L);
        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 1L);

        res = curl_easy_perform(curl);
        curl_slist_free_all(list);

        if(res != CURLE_OK){
            fprintf(stderr, "curl_easy_perform() failed : %s \n", curl_easy_strerror(res));
        }
        curl_easy_cleanup(curl);
    }
}

CodePudding user response:

list = curl_slist_append(list, "ApiKey : realKey");

I think that line is the issue.

RFC7230 3.2.4. Field Parsing

No whitespace is allowed between the header field-name and colon. In the past, differences in the handling of such whitespace have led to security vulnerabilities in request routing and response handling. A server MUST reject any received request message that contains whitespace between a header field-name and colon with a response code of 400 (Bad Request). A proxy MUST remove any such whitespace from a response message before forwarding the message downstream.

Remove the space:

list = curl_slist_append(list, "ApiKey: realKey");
  • Related