使用 ntlm 代理时 Curl 失败

tag-icon tag-icon curl proxy cntlm
使用 ntlm 代理时 Curl 失败

我的工作使用 NTLM 代理。在我的 Linux 服务器和工作站上,我们使用 cntlm 进行身份验证。我对 yum、wget 或 Web 浏览器没有任何问题,但由于某种原因,curl 无法正常工作。

[root@rhel7 ~]# curl -vv https://get.docker.com/
* About to connect() to get.docker.com port 443 (#0)
*   Trying 52.84.21.59...
* Connected to get.docker.com (52.84.21.59) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -5938 (PR_END_OF_FILE_ERROR)
* Encountered end of file
* Closing connection 0
curl: (35) Encountered end of file

这是我的版本信息:

[root@rhel7 ~]# curl -V -v
curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.16.2.3 
Basic  ECC zlib/1.2.7 libidn/1.28 libssh2/1.4.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps 
pop3 pop3s rtsp scp sftp smtp smtps telnet tftp 
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz

当然,如果我连接到本地主机,它就可以工作:

[root@rhel7 ~]# curl -vv localhost/mediawiki/
* About to connect() to proxy 127.0.0.1 port 3128 (#0)
*   Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 3128 (#0)
> GET HTTP://localhost/mediawiki/ HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost
> Accept: */*
> Proxy-Connection: Keep-Alive
> 
< HTTP/1.1 301 Moved Permanently
< Date: Mon, 01 Feb 2016 19:43:50 GMT
< Server: Apache/2.4.6 (Red Hat Enterprise Linux) PHP/5.4.16
< X-Powered-By: PHP/5.4.16
< X-Content-Type-Options: nosniff
< Vary: Accept-Encoding,Cookie
< Expires: Thu, 01 Jan 1970 00:00:00 GMT
< Cache-Control: private, must-revalidate, max-age=0
< Last-Modified: Mon, 01 Feb 2016 19:43:50 GMT
< Location: http://rhel7/mediawiki/index.php/Main_Page
< Content-Length: 0
< Keep-Alive: timeout=5, max=100
< Connection: keep-alive
< Content-Type: text/html; charset=utf-8
< Proxy-Connection: keep-alive
< 
* Connection #0 to host 127.0.0.1 left intact

和:

[root@rhel7 ~]# uname -a
Linux rhel7.example.com 3.10.0-327.4.5.el7.x86_64 #1 SMP Thu Jan 21 04:10:29 EST 2016 x86_64 x86_64 x86_64 GNU/Linux

cntlm.conf:

[root@rhel7 ~]# grep -v "#" /etc/cntlm.conf 

Username    John.Smith
Domain      EXAMPLE.COM
Proxy           159.29.10.10:8080
Auth            NTLMv2
PassNTLMv2      121212121212121212112121212
Listen      3128



NoProxy     localhost, 127.0.0.*, 10.*, 192.168.*

相关内容