我认为问题出在我的 openssl 库中,但我需要知道解决它的问题是什么。
$ curl --version
curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.14
Release-Date: 2022-01-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets zstd
当我使用这个curl命令时:
curl -k -vv \
--header 'ModuleID: 12' \
--header 'SOAPAction: http://tempuri.org/ILogInService/AreUserAndPasswordCorrect' \
--header 'Content-Type: text/xml;charset=UTF-8' \
--data '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tem="http://tempuri.org/">
<soapenv:Header/>
<soapenv:Body>
<tem:AreUserAndPasswordCorrect>
<!--Optional:-->
<tem:userName>a</tem:userName>
<!--Optional:-->
<tem:password>b</tem:password>
<!--Optional:-->
<tem:extension>0</tem:extension>
</tem:AreUserAndPasswordCorrect>
</soapenv:Body>
</soapenv:Envelope>' https://212.121.254.90:7777/Services/LogInService.svc
我得到这样的回应:
* Trying 212.121.254.90:7777...
* Connected to 212.121.254.90 (212.121.254.90) port 7777 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: Conexión reinicializada por la máquina remota in connection to 212.121.254.90:7777
* Closing connection 0
* TLSv1.0 (OUT), TLS header, Unknown (21):
* TLSv1.3 (OUT), TLS alert, decode error (562):
curl: (35) OpenSSL SSL_connect: Conexión reinicializada por la máquina remota in connection to 212.121.254.90:7777
但我的手机上的相同 cURL 命令返回:
我认为这与 openssl 版本有关,移动设备使用的是 BoringSSL,亚马逊的一台服务器也可以使用 openssl 1.1.1
我怎样才能让它在实际的 openssl 实现中工作?或者我如何确认问题所在?