cURL Facebook connect:未知的SSL协议错误

时间:2017-05-04 10:27:39

标签: facebook ssl curl openssl libcurl

我正在尝试连接到facebook(通过wordpress-plugin),Wordpress使用cURL。 这个工作到上周都很顺利,但现在我在尝试连接时遇到以下错误:

cURL error 35: Unknown SSL protocol error in connection to graph.facebook.com:443

要查看它是否是wordpress或cURL问题,我在命令行中尝试了这个问题(cURL v7.47.0):

curl -v https://graph.facebook.com:443

这不起作用并提供以下输出:

* Rebuilt URL to: https://graph.facebook.com:443/
*   Trying 157.240.3.19...
* Connected to graph.facebook.com (157.240.3.19) port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* found 695 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* gnutls_handshake() failed: Error in the pull function.
* Closing connection 0
curl: (35) gnutls_handshake() failed: Error in the pull function.

当我在我的虚拟机上尝试相同的操作时(cURL v7.35.0),这有效:

* Rebuilt URL to: https://graph.facebook.com:443/
* Hostname was NOT found in DNS cache
*   Trying 31.13.65.1...
* Connected to graph.facebook.com (31.13.65.1) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-ECDSA-AES128-GCM-SHA256
* Server certificate:
*        subject: C=US; ST=California; L=Menlo Park; O=Facebook, Inc.; CN=*.facebook.com
*        start date: 2016-12-09 00:00:00 GMT
*        expire date: 2018-01-25 12:00:00 GMT
*        subjectAltName: graph.facebook.com matched
*        issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA
*        SSL certificate verify ok.
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: graph.facebook.com
> Accept: */*
>
< HTTP/1.1 400 Bad Request
< WWW-Authenticate: OAuth "Facebook Platform" "invalid_request" "Unsupported get request. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api"
< Access-Control-Allow-Origin: *
< Pragma: no-cache
< Cache-Control: no-store
< x-fb-rev: 2999583
< Content-Type: application/json; charset=UTF-8
< x-fb-trace-id: HQZT5c74sg/
< facebook-api-version: v2.3
< Expires: Sat, 01 Jan 2000 00:00:00 GMT
< Vary: Accept-Encoding
< X-FB-Debug: LV8vPkkNuJL3jABwLClvNFMdS+wAN1ogODJaLY14TjieV3rPXgWaEElPuSqNnQ3mO5qsj2H7OI2xAmlxjevIPA==
< Date: Thu, 04 May 2017 10:11:12 GMT
< Transfer-Encoding: chunked
< Connection: keep-alive
<
* Connection #0 to host graph.facebook.com left intact
{"error":{"message":"Unsupported get request. Please read the Graph API documentation at https:\/\/developers.facebook.com\/docs\/graph-api","type":"GraphMethodException","code":100,"fbtrace_id":"HQZT5c74sg\/"}}

我注意到Connected to graph.facebook.com (1.2.3.4) port 443 (#0)之后存在差异。 它工作到上周才开始(我直到哪一天都不知道),但我不知道我能改变它不再工作了。

有人知道我的问题是什么吗?

编辑: 我和另一个主机(google.com)尝试过相同的工作:

user@ubuntu:~$ curl -v https://google.com:443
* Rebuilt URL to: https://google.com:443/
*   Trying 172.217.19.14...
* Connected to google.com (172.217.19.14) port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* found 695 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_ECDSA_AES_128_GCM_SHA256
*        server certificate verification OK
*        server certificate status verification SKIPPED
*        common name: *.google.com (matched)
*        server certificate expiration date OK
*        server certificate activation date OK
*        certificate public key: EC
*        certificate version: #3
*        subject: C=US,ST=California,L=Mountain View,O=Google Inc,CN=*.google.com
*        start date: Fri, 21 Apr 2017 08:25:00 GMT
*        expire date: Fri, 14 Jul 2017 08:25:00 GMT
*        issuer: C=US,O=Google Inc,CN=Google Internet Authority G2
*        compression: NULL
* ALPN, server accepted to use http/1.1
> GET / HTTP/1.1
> Host: google.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 302 Found
< Cache-Control: private
< Content-Type: text/html; charset=UTF-8
< Referrer-Policy: no-referrer
< Location: https://www.google.ch/?gfe_rd=cr&ei=gAoLWdqnE-uX8QecpaaIBw
< Content-Length: 259
< Date: Thu, 04 May 2017 11:03:28 GMT
< Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
<
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="https://www.google.ch/?gfe_rd=cr&amp;ei=gAoLWdqnE-uX8QecpaaIBw">here</A>.
</BODY></HTML>
* Connection #0 to host google.com left intact

编辑2: 输出curl -V

curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets

1 个答案:

答案 0 :(得分:1)

问题不在于cURL或使用过的SSL库。它只是一个防火墙阻止了对facebook的请求。

相关问题
最新问题