Geek Answers Handbook

Libcurl stops working, SSL connection error

I am working on a program for personal use that periodically deletes several web pages. One of them requires the use of SSL, and its main URL is actually a load balancer, which is redirected to a different domain each time from a list of several (I'm not sure if this is relevant). I am completely new to libcurl and SSL in particular, so maybe I am missing something obvious, but I don’t think so.

The program works fine for a while (so far, no more than an hour), but as soon as it first receives an SSL connection error, it will constantly give the same error every time. This is always a different amount of time and a different volume of successful requests before it starts to fail.

The error buffer always contains the following: schannel: next InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is received (eg handshake failed). More detail may be available in the Windows System event log. schannel: next InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is received (eg handshake failed). More detail may be available in the Windows System event log.

There is nothing useful in eventvwr . Looks for this error code, returns results about problems with self-signed certificates in earlier versions of Windows Server, but a little more. I do not control the server to which I connect, but I doubt that this is a Windows window.

I'm running out of ideas here, so I'm going to give any details that may make a difference. I cannot post any actual source code because I filtered out all the curls in several classes, so I would have to insert many templates before others could figure it out. I confirmed using the Visual Studio debugger that this is what the actual calls come down to, though.

I initialize libcurl in the main thread before creating others, for example: curl_global_init(CURL_GLOBAL_WIN32 | CURL_GLOBAL_SSL);

Then I create and initialize the actual curl handle in the second thread and only in this thread, for example:

 m_handle = curl_easy_init(); curl_easy_setopt(m_handle, CURLOPT_WRITEDATA, this); curl_easy_setopt(m_handle, CURLOPT_WRITEFUNCTION, write); curl_easy_setopt(m_handle, CURLOPT_DEBUGDATA, this); curl_easy_setopt(m_handle, CURLOPT_DEBUGFUNCTION, debug); curl_easy_setopt(m_handle, CURLOPT_VERBOSE, 1); curl_easy_setopt(m_handle, CURLOPT_ERRORBUFFER, &m_errormsg[0]); curl_easy_setopt(m_handle, CURLOPT_FOLLOWLOCATION, 1); curl_easy_setopt(m_handle, CURLOPT_COOKIEFILE, "");

I experimented with setting both CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER to 0, but that did not help.

I built libcurl from curl-7.43.0.tar.gz with nmake /f Makefile.vc mode=static VC=12 ENABLE_WINSSL=yes ENABLE_SSPI=yes MACHINE=x64 DEBUG=yes on Visual Studio 2013.

What is going on here and how to fix it?

+8
c ++ ssl winapi libcurl
source share
2 answers

I am going to assume that you use the same CURL handle for all of your requests (since you say: "I create and initialize the actual curl handle"). The solution will most likely create one CURL handle for each request made using curl_easy_perform (), and then curl_easy_cleanup ().

What you see is probably caused by the disconnection of the SSL connection by the server. But your CURL descriptor probably keeps its state as it is (i.e., with the end of the handshake), which no longer fits.

+4
source share
 CURL *handle = curl_easy_init(); char url[] = "https://google.com"; curl_easy_setopt(handle, CURLOPT_URL, url); curl_easy_perform(handle);

must work...

+2
source share

More articles:


All Articles