curl error 52 when accessing https when wget works










1















I'm trying to access the web interface of a Snom D315 phone via curl (7.62.0 on macOS), but I keep getting error 52 (CURLE_GOT_NOTHING):



$ curl --insecure --user admin:password https://172.16.99.61/settings.xml
curl: (52) Empty reply from server


Interesting factoids:



  • access via HTTP works as expected

  • the page (HTTPS) opens just fine in a browser or via wget (1.19.5)

  • it also works on older Snom D300 devices (with a different firmware of course)

Any help is appreciated!



P.S.: I've read through the answers of this question but to no avail. I've also confirmed this behaviour with a different D315 and curl 7.52.1 on Debian and updated the phone's firmware to the lastest version.



Details



curl



Here's the output of curl --trace-ascii --trace-time --insecure --user admin:password https://172.16.99.61/settings.xml:



11:31:18.201318 == Info: Trying 172.16.99.61...
11:31:18.201651 == Info: TCP_NODELAY set
11:31:18.202233 == Info: Connected to 172.16.99.61 (172.16.99.61) port 443 (#0)
11:31:18.205540 == Info: ALPN, offering http/1.1
11:31:18.205555 == Info: WARNING: disabling hostname validation also disables SNI.
11:31:18.267158 == Info: TLS 1.2 connection using TLS_RSA_WITH_AES_128_GCM_SHA256
11:31:18.267184 == Info: ALPN, server did not agree to a protocol
11:31:18.270517 == Info: Server certificate: xxxxxxxxxxxx
11:31:18.270615 == Info: Server certificate: Snom Phone 1
11:31:18.270712 == Info: Server certificate: Snom Technology AG CA
11:31:18.270730 == Info: Server auth using Basic with user 'admin'
11:31:18.270784 => Send header, 131 bytes (0x83)
0000: GET /settings.xml HTTP/1.1
001c: Host: 172.16.99.61
0030: Authorization: Basic XXXXXXXXXXXXXXXXXXX=
005b: User-Agent: curl/7.62.0
0074: Accept: */*
0081: 
11:31:18.391320 == Info: Empty reply from server
11:31:18.391337 == Info: Connection #0 to host 172.16.99.61 left intact


And this is the corresponding log from the phone in question:



Nov 13 11:31:17.394 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [DEBUG2] PHN: WEB: HTTP 944/443 accepted from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 handshake start
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 SSL_accept/0 before/accept initialization (0)
Nov 13 11:31:17.396 [DEBUG2] PHN: WEB: HTTP 944/443 connected
Nov 13 11:31:17.399 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:31:17.400 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.408 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 handshake done
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 SetHandshakeFinished()
Nov 13 11:31:17.463 [INFO ] PHN: WEB: Request 944/131/0: GET /settings.xml HTTP/1.1
Nov 13 11:31:17.464 [INFO ] PHN: WEB: 944 Basic authentication.
Nov 13 11:31:17.582 [DEBUG2] PHN: WEB: HTTP 944/443 disconnecting
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 disconnected
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 deleted


wget



Here's the output of wget --verbose --no-check-certificate --server-response -O- https://admin:password@172.16.99.61/settings.xml >/dev/null:



-2018-11-13 11:34:35-- https://admin:*password*@172.16.99.61/settings.xml
Connecting to 172.16.99.61:443... connected.
WARNING: cannot verify 172.16.99.61's certificate, issued by 'emailAddress=security@snom.com,CN=Snom Phone 1,O=Snom Technology AG,L=Berlin,ST=Berlin,C=DE':
 Self-signed certificate encountered.
 WARNING: certificate common name 'xxxxxxxxxxxx' doesn't match requested host name '172.16.99.61'.
HTTP request sent, awaiting response...
 HTTP/1.1 401 Unauthorized
 WWW-Authenticate: Basic realm="snom"
 Content-Type: text/plain
 Content-Length: 22
Authentication selected: Basic realm="snom"
Reusing existing connection to 172.16.99.61:443.
HTTP request sent, awaiting response...
 HTTP/1.1 200 Ok
 Server: snom embedded
 Cache-Control: no-cache
 Cache-Control: no-store
 Content-Type: text/xml
 Content-Length: 110173
Length: 110173 (108K) [text/xml]
Saving to: 'STDOUT'
2018-11-13 11:34:36 (2.39 MB/s) - written to stdout [110173/110173]


And this is the log from the phone:



Nov 13 11:34:35.023 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [DEBUG2] PHN: WEB: HTTP 974/443 accepted from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 handshake start
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 before/accept initialization (0)
Nov 13 11:34:35.025 [DEBUG2] PHN: WEB: HTTP 974/443 connected
Nov 13 11:34:35.028 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:34:35.029 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.034 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:34:35.072 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write session ticket A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 handshake done
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:34:35.075 [DEBUG2] TLS: 0x8dd4c0 SetHandshakeFinished()
Nov 13 11:34:35.079 [INFO ] PHN: WEB: Request 974/154/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.080 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.080 [INFO ] PHN: Authentication triggered. Set flag back.
Nov 13 11:34:35.082 [INFO ] PHN: WEB: Request 974/197/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.083 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 disconnected
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 deleted





ssl curl wget snom







share|improve this question
























  • Although I don't believe this will be the solution (the handshake going to its end correctly), try with the --no-alpn option

    – Eugène Adell
    Nov 13 '18 at 11:53











  • I did try that, makes no difference (other than that log message disappearing).

    – n3rd
    Nov 13 '18 at 13:07











  • I just see 3 painfull methods for your problem : looking in the whole curl bug database, trying all of the --no-something options, making a network capture with hope that you can decrypt it (use a non FS cipher suite). Maybe, try a HEAD or OPTIONS http method to see how it behaves. Does the password contain a very special character (= : ?) ?

    – Eugène Adell
    Nov 13 '18 at 13:34












  • I already tried all --no-something options that might be applicable without success. The password consists of alphanumeric characters only :(

    – n3rd
    Nov 13 '18 at 14:36






  • 1





    Did you try an openssl s_client command to see how it behaves ? Interestingly, you can then send your request built from text only (GET / HTTP/1.1 Authorization: Basic ***== .... )

    – Eugène Adell
    Nov 13 '18 at 16:09
















1















I'm trying to access the web interface of a Snom D315 phone via curl (7.62.0 on macOS), but I keep getting error 52 (CURLE_GOT_NOTHING):



$ curl --insecure --user admin:password https://172.16.99.61/settings.xml
curl: (52) Empty reply from server


Interesting factoids:



  • access via HTTP works as expected

  • the page (HTTPS) opens just fine in a browser or via wget (1.19.5)

  • it also works on older Snom D300 devices (with a different firmware of course)

Any help is appreciated!



P.S.: I've read through the answers of this question but to no avail. I've also confirmed this behaviour with a different D315 and curl 7.52.1 on Debian and updated the phone's firmware to the lastest version.



Details



curl



Here's the output of curl --trace-ascii --trace-time --insecure --user admin:password https://172.16.99.61/settings.xml:



11:31:18.201318 == Info: Trying 172.16.99.61...
11:31:18.201651 == Info: TCP_NODELAY set
11:31:18.202233 == Info: Connected to 172.16.99.61 (172.16.99.61) port 443 (#0)
11:31:18.205540 == Info: ALPN, offering http/1.1
11:31:18.205555 == Info: WARNING: disabling hostname validation also disables SNI.
11:31:18.267158 == Info: TLS 1.2 connection using TLS_RSA_WITH_AES_128_GCM_SHA256
11:31:18.267184 == Info: ALPN, server did not agree to a protocol
11:31:18.270517 == Info: Server certificate: xxxxxxxxxxxx
11:31:18.270615 == Info: Server certificate: Snom Phone 1
11:31:18.270712 == Info: Server certificate: Snom Technology AG CA
11:31:18.270730 == Info: Server auth using Basic with user 'admin'
11:31:18.270784 => Send header, 131 bytes (0x83)
0000: GET /settings.xml HTTP/1.1
001c: Host: 172.16.99.61
0030: Authorization: Basic XXXXXXXXXXXXXXXXXXX=
005b: User-Agent: curl/7.62.0
0074: Accept: */*
0081: 
11:31:18.391320 == Info: Empty reply from server
11:31:18.391337 == Info: Connection #0 to host 172.16.99.61 left intact


And this is the corresponding log from the phone in question:



Nov 13 11:31:17.394 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [DEBUG2] PHN: WEB: HTTP 944/443 accepted from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 handshake start
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 SSL_accept/0 before/accept initialization (0)
Nov 13 11:31:17.396 [DEBUG2] PHN: WEB: HTTP 944/443 connected
Nov 13 11:31:17.399 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:31:17.400 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.408 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 handshake done
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 SetHandshakeFinished()
Nov 13 11:31:17.463 [INFO ] PHN: WEB: Request 944/131/0: GET /settings.xml HTTP/1.1
Nov 13 11:31:17.464 [INFO ] PHN: WEB: 944 Basic authentication.
Nov 13 11:31:17.582 [DEBUG2] PHN: WEB: HTTP 944/443 disconnecting
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 disconnected
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 deleted


wget



Here's the output of wget --verbose --no-check-certificate --server-response -O- https://admin:password@172.16.99.61/settings.xml >/dev/null:



-2018-11-13 11:34:35-- https://admin:*password*@172.16.99.61/settings.xml
Connecting to 172.16.99.61:443... connected.
WARNING: cannot verify 172.16.99.61's certificate, issued by 'emailAddress=security@snom.com,CN=Snom Phone 1,O=Snom Technology AG,L=Berlin,ST=Berlin,C=DE':
 Self-signed certificate encountered.
 WARNING: certificate common name 'xxxxxxxxxxxx' doesn't match requested host name '172.16.99.61'.
HTTP request sent, awaiting response...
 HTTP/1.1 401 Unauthorized
 WWW-Authenticate: Basic realm="snom"
 Content-Type: text/plain
 Content-Length: 22
Authentication selected: Basic realm="snom"
Reusing existing connection to 172.16.99.61:443.
HTTP request sent, awaiting response...
 HTTP/1.1 200 Ok
 Server: snom embedded
 Cache-Control: no-cache
 Cache-Control: no-store
 Content-Type: text/xml
 Content-Length: 110173
Length: 110173 (108K) [text/xml]
Saving to: 'STDOUT'
2018-11-13 11:34:36 (2.39 MB/s) - written to stdout [110173/110173]


And this is the log from the phone:



Nov 13 11:34:35.023 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [DEBUG2] PHN: WEB: HTTP 974/443 accepted from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 handshake start
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 before/accept initialization (0)
Nov 13 11:34:35.025 [DEBUG2] PHN: WEB: HTTP 974/443 connected
Nov 13 11:34:35.028 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:34:35.029 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.034 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:34:35.072 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write session ticket A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 handshake done
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:34:35.075 [DEBUG2] TLS: 0x8dd4c0 SetHandshakeFinished()
Nov 13 11:34:35.079 [INFO ] PHN: WEB: Request 974/154/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.080 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.080 [INFO ] PHN: Authentication triggered. Set flag back.
Nov 13 11:34:35.082 [INFO ] PHN: WEB: Request 974/197/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.083 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 disconnected
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 deleted





ssl curl wget snom







share|improve this question
























  • Although I don't believe this will be the solution (the handshake going to its end correctly), try with the --no-alpn option

    – Eugène Adell
    Nov 13 '18 at 11:53











  • I did try that, makes no difference (other than that log message disappearing).

    – n3rd
    Nov 13 '18 at 13:07











  • I just see 3 painfull methods for your problem : looking in the whole curl bug database, trying all of the --no-something options, making a network capture with hope that you can decrypt it (use a non FS cipher suite). Maybe, try a HEAD or OPTIONS http method to see how it behaves. Does the password contain a very special character (= : ?) ?

    – Eugène Adell
    Nov 13 '18 at 13:34












  • I already tried all --no-something options that might be applicable without success. The password consists of alphanumeric characters only :(

    – n3rd
    Nov 13 '18 at 14:36






  • 1





    Did you try an openssl s_client command to see how it behaves ? Interestingly, you can then send your request built from text only (GET / HTTP/1.1 Authorization: Basic ***== .... )

    – Eugène Adell
    Nov 13 '18 at 16:09














1












1








1


1






I'm trying to access the web interface of a Snom D315 phone via curl (7.62.0 on macOS), but I keep getting error 52 (CURLE_GOT_NOTHING):



$ curl --insecure --user admin:password https://172.16.99.61/settings.xml
curl: (52) Empty reply from server


Interesting factoids:



  • access via HTTP works as expected

  • the page (HTTPS) opens just fine in a browser or via wget (1.19.5)

  • it also works on older Snom D300 devices (with a different firmware of course)

Any help is appreciated!



P.S.: I've read through the answers of this question but to no avail. I've also confirmed this behaviour with a different D315 and curl 7.52.1 on Debian and updated the phone's firmware to the lastest version.



Details



curl



Here's the output of curl --trace-ascii --trace-time --insecure --user admin:password https://172.16.99.61/settings.xml:



11:31:18.201318 == Info: Trying 172.16.99.61...
11:31:18.201651 == Info: TCP_NODELAY set
11:31:18.202233 == Info: Connected to 172.16.99.61 (172.16.99.61) port 443 (#0)
11:31:18.205540 == Info: ALPN, offering http/1.1
11:31:18.205555 == Info: WARNING: disabling hostname validation also disables SNI.
11:31:18.267158 == Info: TLS 1.2 connection using TLS_RSA_WITH_AES_128_GCM_SHA256
11:31:18.267184 == Info: ALPN, server did not agree to a protocol
11:31:18.270517 == Info: Server certificate: xxxxxxxxxxxx
11:31:18.270615 == Info: Server certificate: Snom Phone 1
11:31:18.270712 == Info: Server certificate: Snom Technology AG CA
11:31:18.270730 == Info: Server auth using Basic with user 'admin'
11:31:18.270784 => Send header, 131 bytes (0x83)
0000: GET /settings.xml HTTP/1.1
001c: Host: 172.16.99.61
0030: Authorization: Basic XXXXXXXXXXXXXXXXXXX=
005b: User-Agent: curl/7.62.0
0074: Accept: */*
0081: 
11:31:18.391320 == Info: Empty reply from server
11:31:18.391337 == Info: Connection #0 to host 172.16.99.61 left intact


And this is the corresponding log from the phone in question:



Nov 13 11:31:17.394 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [DEBUG2] PHN: WEB: HTTP 944/443 accepted from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 handshake start
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 SSL_accept/0 before/accept initialization (0)
Nov 13 11:31:17.396 [DEBUG2] PHN: WEB: HTTP 944/443 connected
Nov 13 11:31:17.399 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:31:17.400 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.408 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 handshake done
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 SetHandshakeFinished()
Nov 13 11:31:17.463 [INFO ] PHN: WEB: Request 944/131/0: GET /settings.xml HTTP/1.1
Nov 13 11:31:17.464 [INFO ] PHN: WEB: 944 Basic authentication.
Nov 13 11:31:17.582 [DEBUG2] PHN: WEB: HTTP 944/443 disconnecting
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 disconnected
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 deleted


wget



Here's the output of wget --verbose --no-check-certificate --server-response -O- https://admin:password@172.16.99.61/settings.xml >/dev/null:



-2018-11-13 11:34:35-- https://admin:*password*@172.16.99.61/settings.xml
Connecting to 172.16.99.61:443... connected.
WARNING: cannot verify 172.16.99.61's certificate, issued by 'emailAddress=security@snom.com,CN=Snom Phone 1,O=Snom Technology AG,L=Berlin,ST=Berlin,C=DE':
 Self-signed certificate encountered.
 WARNING: certificate common name 'xxxxxxxxxxxx' doesn't match requested host name '172.16.99.61'.
HTTP request sent, awaiting response...
 HTTP/1.1 401 Unauthorized
 WWW-Authenticate: Basic realm="snom"
 Content-Type: text/plain
 Content-Length: 22
Authentication selected: Basic realm="snom"
Reusing existing connection to 172.16.99.61:443.
HTTP request sent, awaiting response...
 HTTP/1.1 200 Ok
 Server: snom embedded
 Cache-Control: no-cache
 Cache-Control: no-store
 Content-Type: text/xml
 Content-Length: 110173
Length: 110173 (108K) [text/xml]
Saving to: 'STDOUT'
2018-11-13 11:34:36 (2.39 MB/s) - written to stdout [110173/110173]


And this is the log from the phone:



Nov 13 11:34:35.023 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [DEBUG2] PHN: WEB: HTTP 974/443 accepted from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 handshake start
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 before/accept initialization (0)
Nov 13 11:34:35.025 [DEBUG2] PHN: WEB: HTTP 974/443 connected
Nov 13 11:34:35.028 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:34:35.029 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.034 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:34:35.072 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write session ticket A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 handshake done
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:34:35.075 [DEBUG2] TLS: 0x8dd4c0 SetHandshakeFinished()
Nov 13 11:34:35.079 [INFO ] PHN: WEB: Request 974/154/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.080 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.080 [INFO ] PHN: Authentication triggered. Set flag back.
Nov 13 11:34:35.082 [INFO ] PHN: WEB: Request 974/197/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.083 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 disconnected
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 deleted





ssl curl wget snom







share|improve this question
















I'm trying to access the web interface of a Snom D315 phone via curl (7.62.0 on macOS), but I keep getting error 52 (CURLE_GOT_NOTHING):



$ curl --insecure --user admin:password https://172.16.99.61/settings.xml
curl: (52) Empty reply from server


Interesting factoids:



  • access via HTTP works as expected

  • the page (HTTPS) opens just fine in a browser or via wget (1.19.5)

  • it also works on older Snom D300 devices (with a different firmware of course)

Any help is appreciated!



P.S.: I've read through the answers of this question but to no avail. I've also confirmed this behaviour with a different D315 and curl 7.52.1 on Debian and updated the phone's firmware to the lastest version.



Details



curl



Here's the output of curl --trace-ascii --trace-time --insecure --user admin:password https://172.16.99.61/settings.xml:



11:31:18.201318 == Info: Trying 172.16.99.61...
11:31:18.201651 == Info: TCP_NODELAY set
11:31:18.202233 == Info: Connected to 172.16.99.61 (172.16.99.61) port 443 (#0)
11:31:18.205540 == Info: ALPN, offering http/1.1
11:31:18.205555 == Info: WARNING: disabling hostname validation also disables SNI.
11:31:18.267158 == Info: TLS 1.2 connection using TLS_RSA_WITH_AES_128_GCM_SHA256
11:31:18.267184 == Info: ALPN, server did not agree to a protocol
11:31:18.270517 == Info: Server certificate: xxxxxxxxxxxx
11:31:18.270615 == Info: Server certificate: Snom Phone 1
11:31:18.270712 == Info: Server certificate: Snom Technology AG CA
11:31:18.270730 == Info: Server auth using Basic with user 'admin'
11:31:18.270784 => Send header, 131 bytes (0x83)
0000: GET /settings.xml HTTP/1.1
001c: Host: 172.16.99.61
0030: Authorization: Basic XXXXXXXXXXXXXXXXXXX=
005b: User-Agent: curl/7.62.0
0074: Accept: */*
0081: 
11:31:18.391320 == Info: Empty reply from server
11:31:18.391337 == Info: Connection #0 to host 172.16.99.61 left intact


And this is the corresponding log from the phone in question:



Nov 13 11:31:17.394 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [DEBUG2] PHN: WEB: HTTP 944/443 accepted from Tls:172.16.1.167:65215
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.395 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 handshake start
Nov 13 11:31:17.396 [DEBUG2] TLS: 0xc44330 SSL_accept/0 before/accept initialization (0)
Nov 13 11:31:17.396 [DEBUG2] PHN: WEB: HTTP 944/443 connected
Nov 13 11:31:17.399 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:31:17.400 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:31:17.401 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.408 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:31:17.442 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:31:17.444 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:31:17.445 [DEBUG2] TLS: 0xc44330 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 handshake done
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:31:17.458 [DEBUG2] TLS: 0xc44330 SetHandshakeFinished()
Nov 13 11:31:17.463 [INFO ] PHN: WEB: Request 944/131/0: GET /settings.xml HTTP/1.1
Nov 13 11:31:17.464 [INFO ] PHN: WEB: 944 Basic authentication.
Nov 13 11:31:17.582 [DEBUG2] PHN: WEB: HTTP 944/443 disconnecting
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 disconnected
Nov 13 11:31:17.583 [DEBUG2] PHN: WEB: HTTP 944/443 deleted


wget



Here's the output of wget --verbose --no-check-certificate --server-response -O- https://admin:password@172.16.99.61/settings.xml >/dev/null:



-2018-11-13 11:34:35-- https://admin:*password*@172.16.99.61/settings.xml
Connecting to 172.16.99.61:443... connected.
WARNING: cannot verify 172.16.99.61's certificate, issued by 'emailAddress=security@snom.com,CN=Snom Phone 1,O=Snom Technology AG,L=Berlin,ST=Berlin,C=DE':
 Self-signed certificate encountered.
 WARNING: certificate common name 'xxxxxxxxxxxx' doesn't match requested host name '172.16.99.61'.
HTTP request sent, awaiting response...
 HTTP/1.1 401 Unauthorized
 WWW-Authenticate: Basic realm="snom"
 Content-Type: text/plain
 Content-Length: 22
Authentication selected: Basic realm="snom"
Reusing existing connection to 172.16.99.61:443.
HTTP request sent, awaiting response...
 HTTP/1.1 200 Ok
 Server: snom embedded
 Cache-Control: no-cache
 Cache-Control: no-store
 Content-Type: text/xml
 Content-Length: 110173
Length: 110173 (108K) [text/xml]
Saving to: 'STDOUT'
2018-11-13 11:34:36 (2.39 MB/s) - written to stdout [110173/110173]


And this is the log from the phone:



Nov 13 11:34:35.023 [DEBUG2] PHN: WEB: HTTP accepting from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [DEBUG2] PHN: WEB: HTTP 974/443 accepted from Tls:172.16.1.167:49672
Nov 13 11:34:35.024 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [ERROR ] TLS: BIO_new_bio_pair code 336396495, error:140D00CF:SSL routines:SSL_write:protocol is shutdown
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 handshake start
Nov 13 11:34:35.025 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 before/accept initialization (0)
Nov 13 11:34:35.025 [DEBUG2] PHN: WEB: HTTP 974/443 connected
Nov 13 11:34:35.028 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client hello A (0)
Nov 13 11:34:35.029 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write server hello A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write certificate request A (0)
Nov 13 11:34:35.030 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.034 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client certificate A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read client key exchange A (0)
Nov 13 11:34:35.069 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read certificate verify A (0)
Nov 13 11:34:35.072 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 read finished A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write session ticket A (0)
Nov 13 11:34:35.073 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write change cipher spec A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 write finished A (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 SSL_accept/0 SSLv3 flush data (0)
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 handshake done
Nov 13 11:34:35.074 [DEBUG2] TLS: 0x8dd4c0 Flag SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS set.
Nov 13 11:34:35.075 [DEBUG2] TLS: 0x8dd4c0 SetHandshakeFinished()
Nov 13 11:34:35.079 [INFO ] PHN: WEB: Request 974/154/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.080 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.080 [INFO ] PHN: Authentication triggered. Set flag back.
Nov 13 11:34:35.082 [INFO ] PHN: WEB: Request 974/197/0: GET /settings.xml HTTP/1.1
Nov 13 11:34:35.083 [INFO ] PHN: WEB: 974 Basic authentication.
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 disconnected
Nov 13 11:34:35.251 [DEBUG2] PHN: WEB: HTTP 974/443 deleted





ssl curl wget snom




ssl curl wget snom






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 15 '18 at 9:12







n3rd

















asked Nov 13 '18 at 10:47









n3rdn3rd

4,27523054




4,27523054












  • Although I don't believe this will be the solution (the handshake going to its end correctly), try with the --no-alpn option

    – Eugène Adell
    Nov 13 '18 at 11:53











  • I did try that, makes no difference (other than that log message disappearing).

    – n3rd
    Nov 13 '18 at 13:07











  • I just see 3 painfull methods for your problem : looking in the whole curl bug database, trying all of the --no-something options, making a network capture with hope that you can decrypt it (use a non FS cipher suite). Maybe, try a HEAD or OPTIONS http method to see how it behaves. Does the password contain a very special character (= : ?) ?

    – Eugène Adell
    Nov 13 '18 at 13:34












  • I already tried all --no-something options that might be applicable without success. The password consists of alphanumeric characters only :(

    – n3rd
    Nov 13 '18 at 14:36






  • 1





    Did you try an openssl s_client command to see how it behaves ? Interestingly, you can then send your request built from text only (GET / HTTP/1.1 Authorization: Basic ***== .... )

    – Eugène Adell
    Nov 13 '18 at 16:09


















  • Although I don't believe this will be the solution (the handshake going to its end correctly), try with the --no-alpn option

    – Eugène Adell
    Nov 13 '18 at 11:53











  • I did try that, makes no difference (other than that log message disappearing).

    – n3rd
    Nov 13 '18 at 13:07











  • I just see 3 painfull methods for your problem : looking in the whole curl bug database, trying all of the --no-something options, making a network capture with hope that you can decrypt it (use a non FS cipher suite). Maybe, try a HEAD or OPTIONS http method to see how it behaves. Does the password contain a very special character (= : ?) ?

    – Eugène Adell
    Nov 13 '18 at 13:34












  • I already tried all --no-something options that might be applicable without success. The password consists of alphanumeric characters only :(

    – n3rd
    Nov 13 '18 at 14:36






  • 1





    Did you try an openssl s_client command to see how it behaves ? Interestingly, you can then send your request built from text only (GET / HTTP/1.1 Authorization: Basic ***== .... )

    – Eugène Adell
    Nov 13 '18 at 16:09

















Although I don't believe this will be the solution (the handshake going to its end correctly), try with the --no-alpn option

– Eugène Adell
Nov 13 '18 at 11:53





Although I don't believe this will be the solution (the handshake going to its end correctly), try with the --no-alpn option

– Eugène Adell
Nov 13 '18 at 11:53













I did try that, makes no difference (other than that log message disappearing).

– n3rd
Nov 13 '18 at 13:07





I did try that, makes no difference (other than that log message disappearing).

– n3rd
Nov 13 '18 at 13:07













I just see 3 painfull methods for your problem : looking in the whole curl bug database, trying all of the --no-something options, making a network capture with hope that you can decrypt it (use a non FS cipher suite). Maybe, try a HEAD or OPTIONS http method to see how it behaves. Does the password contain a very special character (= : ?) ?

– Eugène Adell
Nov 13 '18 at 13:34






I just see 3 painfull methods for your problem : looking in the whole curl bug database, trying all of the --no-something options, making a network capture with hope that you can decrypt it (use a non FS cipher suite). Maybe, try a HEAD or OPTIONS http method to see how it behaves. Does the password contain a very special character (= : ?) ?

– Eugène Adell
Nov 13 '18 at 13:34














I already tried all --no-something options that might be applicable without success. The password consists of alphanumeric characters only :(

– n3rd
Nov 13 '18 at 14:36





I already tried all --no-something options that might be applicable without success. The password consists of alphanumeric characters only :(

– n3rd
Nov 13 '18 at 14:36




1




1





Did you try an openssl s_client command to see how it behaves ? Interestingly, you can then send your request built from text only (GET / HTTP/1.1 Authorization: Basic ***== .... )

– Eugène Adell
Nov 13 '18 at 16:09






Did you try an openssl s_client command to see how it behaves ? Interestingly, you can then send your request built from text only (GET / HTTP/1.1 Authorization: Basic ***== .... )

– Eugène Adell
Nov 13 '18 at 16:09













1 Answer
1






active

oldest

votes


















1














Now this is interesting: manually adding the Connection: keep-alive header makes everything work:



$ curl -sSL -D - -o /dev/null --insecure -H 'Connection: keep-alive' --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:18:13 CET 2018
HTTP/1.1 200 Ok
Server: snom embedded
Cache-Control: no-cache
Cache-Control: no-store
Content-Type: text/xml
Content-Length: 110192


Whereas without it, it doesn't:



$ curl -sSL -D - -o /dev/null --insecure --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:19:53 CET 2018
curl: (52) Empty reply from server





share|improve this answer























  • well done, you should mark your own answer as the good one.

    – Eugène Adell
    Nov 14 '18 at 20:08











  • I will, but I have to wait another hour :)

    – n3rd
    Nov 15 '18 at 9:10










Your Answer






StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53279318%2fcurl-error-52-when-accessing-https-when-wget-works%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









1














Now this is interesting: manually adding the Connection: keep-alive header makes everything work:



$ curl -sSL -D - -o /dev/null --insecure -H 'Connection: keep-alive' --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:18:13 CET 2018
HTTP/1.1 200 Ok
Server: snom embedded
Cache-Control: no-cache
Cache-Control: no-store
Content-Type: text/xml
Content-Length: 110192


Whereas without it, it doesn't:



$ curl -sSL -D - -o /dev/null --insecure --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:19:53 CET 2018
curl: (52) Empty reply from server





share|improve this answer























  • well done, you should mark your own answer as the good one.

    – Eugène Adell
    Nov 14 '18 at 20:08











  • I will, but I have to wait another hour :)

    – n3rd
    Nov 15 '18 at 9:10















1














Now this is interesting: manually adding the Connection: keep-alive header makes everything work:



$ curl -sSL -D - -o /dev/null --insecure -H 'Connection: keep-alive' --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:18:13 CET 2018
HTTP/1.1 200 Ok
Server: snom embedded
Cache-Control: no-cache
Cache-Control: no-store
Content-Type: text/xml
Content-Length: 110192


Whereas without it, it doesn't:



$ curl -sSL -D - -o /dev/null --insecure --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:19:53 CET 2018
curl: (52) Empty reply from server





share|improve this answer























  • well done, you should mark your own answer as the good one.

    – Eugène Adell
    Nov 14 '18 at 20:08











  • I will, but I have to wait another hour :)

    – n3rd
    Nov 15 '18 at 9:10













1












1








1







Now this is interesting: manually adding the Connection: keep-alive header makes everything work:



$ curl -sSL -D - -o /dev/null --insecure -H 'Connection: keep-alive' --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:18:13 CET 2018
HTTP/1.1 200 Ok
Server: snom embedded
Cache-Control: no-cache
Cache-Control: no-store
Content-Type: text/xml
Content-Length: 110192


Whereas without it, it doesn't:



$ curl -sSL -D - -o /dev/null --insecure --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:19:53 CET 2018
curl: (52) Empty reply from server





share|improve this answer













Now this is interesting: manually adding the Connection: keep-alive header makes everything work:



$ curl -sSL -D - -o /dev/null --insecure -H 'Connection: keep-alive' --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:18:13 CET 2018
HTTP/1.1 200 Ok
Server: snom embedded
Cache-Control: no-cache
Cache-Control: no-store
Content-Type: text/xml
Content-Length: 110192


Whereas without it, it doesn't:



$ curl -sSL -D - -o /dev/null --insecure --user admin:xxxxx https://172.16.99.61/settings.xml
Wed Nov 14 11:19:53 CET 2018
curl: (52) Empty reply from server






share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 14 '18 at 10:25









n3rdn3rd

4,27523054




4,27523054












  • well done, you should mark your own answer as the good one.

    – Eugène Adell
    Nov 14 '18 at 20:08











  • I will, but I have to wait another hour :)

    – n3rd
    Nov 15 '18 at 9:10

















  • well done, you should mark your own answer as the good one.

    – Eugène Adell
    Nov 14 '18 at 20:08











  • I will, but I have to wait another hour :)

    – n3rd
    Nov 15 '18 at 9:10
















well done, you should mark your own answer as the good one.

– Eugène Adell
Nov 14 '18 at 20:08





well done, you should mark your own answer as the good one.

– Eugène Adell
Nov 14 '18 at 20:08













I will, but I have to wait another hour :)

– n3rd
Nov 15 '18 at 9:10





I will, but I have to wait another hour :)

– n3rd
Nov 15 '18 at 9:10



















draft saved

draft discarded
















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53279318%2fcurl-error-52-when-accessing-https-when-wget-works%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

How to how show current date and time by default on contact form 7 in WordPress without taking input from user in datetimepicker

Image
0 I have a "Ask for demo" form which has two options, 1. Contact me now and 2. Schedule a demo. If user selects option 1 then current date and time should by displayed on form and if he selects option 2 then A calendar is shown for taking user input. My problem is getting current date and time by default on form. Please help. TIA contact-form-7 share | improve this question asked Nov 12 '18 at 9:01 abhi25 abhi25 14 5 add a comment  |  0 I have a "Ask for demo" form which has two options, 1. Contact me now and 2. Schedule a demo. If user selects option 1 then current date and time should by displayed on form and if he selects option 2 then A calendar is shown for taking user input. My problem is getting current date and time by default on form. Please help. TIA contact-form-7 share | improve this question asked Nov 12 '18 at 9:01 abhi25 abhi25 14 5 add a commen
Read more

Syphilis

Image
Klassifikation nach ICD-10 A50 Syphilis connata A51 Frühsyphilis A52 Spätsyphilis A53 Sonstige und nicht näher bezeichnete Syphilis ICD-10 online (WHO-Version 2019) Syphilis , [1] auch Lues (venerea) , harter Schanker oder Franzosenkrankheit (maladie française) genannt, ist eine chronische Infektionskrankheit, die zur Gruppe der sexuell übertragbaren Erkrankungen gehört. Der Erreger der Syphilis ist das Bakterium Treponema pallidum ssp. pallidum . Die Syphilis wird hauptsächlich bei sexuellen Handlungen durch Schleimhautkontakt und ausschließlich von Mensch zu Mensch übertragen. Während der Schwangerschaft und bei der Geburt kann eine erkrankte Mutter ihr Kind infizieren ( Syphilis connata ). Das Erscheinungsbild der Krankheit ist vielfältig. Typisch ist ein Beginn mit schmerzlosen Schleimhautgeschwüren und Lymphknotenschwellungen. Bei einem Teil der Infizierten kommt es zu einem chronischen Verlauf, der durch vielfältigen Haut- und Organbefall gekennzeichnet ist. Im Endstadium kom
Read more

Darth Vader #20

Image
Wiki Characters Creators Teams Volumes Issues Publishers Locations Concepts Things Story Arcs Movies Series Episodes New Comics Forums Gen. Discussion Bug Reporting Delete/Combine Pages Artist Show-Off Off-Topic Contests Battles Fan-Fic RPG Comic Book Preview API Developers Editing & Tools Podcast Quests Community Top Users Activity Feed User Lists Community Promos Archives News Reviews Videos Podcasts Previews Login / Sign Up All Wiki     Arcs     Characters     Companies     Concepts     Issues     Locations     Movies     People     Teams     Things     Volumes     Series     Episodes Editorial     Videos     Articles     Reviews     Features Community     Users Wiki Characters Creators Teams Volumes Issues Publishers Locations Concepts Things Story Arcs Movies Series Episodes New Comics Forums Gen. Discussion Bug Reporting Delete/Combine Pages Artist Show-Off Off-Topic Contests Battles Fan-Fic RPG Comic Book Preview API Developers Editing & Tools Podcast Quests Com
Read more