[英]transform CURL request to PHP CURL
我有這個Curl請求:
curl.exe -k --proxy-ntlm --proxy-user : --proxy http://proxyurl:80 -E C:\temp\certificat.pem:certifPassword -H depth:1 -X PROPFIND https://www.url.fr/to/webdav/number/folder/ > retour.xml
我要用php腳本翻譯它。 所以我這樣做了:
$ch = curl_init();
$urlPropfind = "https://www.url.fr/to/webdav/number/folder/";
$certifPropfind = __DIR__."/certificats/certificat.pem";
$passwordPropfind = "certifPassword";
$header = "depth:1";
//Proxy config
$proxyAdresse = "http://proxyUrl";
$proxyIp = "192.168.0.1"; //I change IP for security
$proxyPort = 80;
$proxyIdentification = "proxyUser:proxyPassword";
curl_setopt($ch, CURLOPT_PROXY, $proxyIp);
curl_setopt($ch, CURLOPT_PROXYPORT, $proxyPort);
curl_setopt($ch, CURLOPT_PROXYTYPE, 'HTTP');
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSLCERT, $certifPropfind);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $passwordPropfind);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $urlPropfind);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
$output = curl_exec($ch);
var_dump($output);
var_dump(curl_getinfo($ch));
curl_close($ch);
但是我的卷發返回FALSE,所以我不明白我做錯了什么嗎?
錯誤:
HTTP / 1.1 200已建立連接<*代理對連接請求的回答為OK * CAfile:/etc/pki/tls/certs/ca-bundle.crt CApath:無* NSS:找不到客戶端證書:certServeurTM.pem * NSS錯誤-12227 (SSL_ERROR_HANDSHAKE_FAILURE_ALERT)* SSL對等方無法協商一組可接受的安全性參數。 *關閉連接2
和
編輯
我將其轉換為PHP,這里是我的:
curl_setopt($ch, CURLOPT_URL, $urlPropfind);
curl_setopt($ch, CURLOPT_NOPROGRESS, true);
curl_setopt($ch, CURLOPT_PROXY, $proxyAdresse);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERAGENT, "curl/7.29.0");
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
curl_setopt($ch, CURLOPT_MAXREDIRS, 50);
curl_setopt($ch, CURLOPT_KEYPASSWD, "/var/www/html/myapplication/certificats/certServeurTM.pem:toulouse31");
curl_setopt($ch, CURLOPT_SSLCERT, "certServeurTM.pem");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_setopt( $ch, CURLOPT_VERBOSE, true );
curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );
&我收到的消息(僅消息末尾。直到通過證書為止一切都很好):
HTTP / 1.1 200已建立連接<*代理對連接請求的回答為OK * CAfile:/etc/pki/tls/certs/ca-bundle.crt CApath:無* NSS:找不到客戶端證書:certServeurTM.pem * NSS錯誤-12227 (SSL_ERROR_HANDSHAKE_FAILURE_ALERT)* SSL對等方無法協商一組可接受的安全性參數。 *關閉連接2
我加了
curl_setopt($ch, CURLOPT_CAPATH, "/var/www/html/myapplication/certificats");
&我看到以下消息
無法從CURLOPT_CAPATH加載'/var/www/html/myapplication/certificats/certServeurTM.pem'
在最后一個curl_setopt
之后,將以下代碼添加到腳本中,然后查看輸出:
curl_setopt( $ch, CURLOPT_VERBOSE, true );
curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );
這將為您提供有關問題所在的線索。 如果您自己無法解決問題,請使用新代碼的輸出更新您的問題。
通過檢查curl的--libcurl
參數,似乎:
您忘記將CURLOPT_PROXYAUTH
為CURLAUTH_NTLM
。
您忘記將CURLOPT_USERAGENT
設置為CURLOPT_USERAGENT
的版本(curl cli會自動執行此操作,而libcurl不會。在我的系統上,它是"curl/7.52.1"
)。
看來您將CURLOPT_SSLCERTPASSWD
與CURLOPT_KEYPASSWD
混合了。
這是--libcurl文件,您可以嘗試將其轉換為PHP:
/********* Sample code generated by the curl command line tool **********
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
#include <curl/curl.h>
int main(int argc, char *argv[])
{
CURLcode ret;
CURL *hnd;
struct curl_slist *slist1;
slist1 = NULL;
slist1 = curl_slist_append(slist1, "depth:1");
hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_URL, "https://www.url.fr/to/webdav/number/folder/");
curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 1L);
curl_easy_setopt(hnd, CURLOPT_PROXY, "http://proxyurl:80");
curl_easy_setopt(hnd, CURLOPT_PROXYUSERPWD, ":");
curl_easy_setopt(hnd, CURLOPT_PROXYAUTH, (long)CURLAUTH_NTLM);
curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/7.52.1");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, slist1);
curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, (long)CURL_HTTP_VERSION_2TLS);
curl_easy_setopt(hnd, CURLOPT_KEYPASSWD, "tempcertificat.pem:certifPassword");
curl_easy_setopt(hnd, CURLOPT_SSLCERT, "C");
curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L);
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
/* Here is a list of options the curl code used that cannot get generated
as source easily. You may select to either not use them or implement
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
CURLOPT_SEEKDATA set to a objectpointer
CURLOPT_SEEKFUNCTION set to a functionpointer
CURLOPT_ERRORBUFFER set to a objectpointer
CURLOPT_STDERR set to a objectpointer
CURLOPT_HEADERFUNCTION set to a functionpointer
CURLOPT_HEADERDATA set to a objectpointer
*/
ret = curl_easy_perform(hnd);
curl_easy_cleanup(hnd);
hnd = NULL;
curl_slist_free_all(slist1);
slist1 = NULL;
return (int)ret;
}
/**** End of sample code ****/
終於我明白了!
實際上,證書管理負責人忘了告訴我,我需要另一個私鑰和私有證書。
所以這是我的最終代碼:
curl_setopt($ch, CURLOPT_URL, $urlPropfind);
curl_setopt($ch, CURLOPT_NOPROGRESS, true);
curl_setopt($ch, CURLOPT_PROXY, $proxyAdresse);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERAGENT, "curl/7.29.0");
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
curl_setopt($ch, CURLOPT_MAXREDIRS, 50);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, "toulouse31");
curl_setopt($ch, CURLOPT_SSLCERT, "/var/www/html/myapplication/certificats/certServeurTM.pem");
curl_setopt($ch, CURLOPT_SSLCERT, "/var/www/html/myapplication/certificats/default.crt");
curl_setopt($ch, CURLOPT_SSLKEY, "/var/www/html/myapplication/certificats/default.privkey");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt( $ch, CURLOPT_VERBOSE, true );
curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );
謝謝大家,為您提供幫助:)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.