CURL PHP handshake failure SSL - php

I have the following code :
<?php
$cookie_file_path = "cookie.txt"; //
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'theurl');
curl_setopt($ch, CURLOPT_POSTFIELDS,'blocPnr_textField_labelNom='.urlencode('www').'&blocPnr_textField_labelPnr='.urlencode('xxx').'&blocPnr_valider=Submit');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSLVERSION,3);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3");
curl_setopt($ch, CURLOPT_REFERER, "theurl");
$page = curl_exec($ch);
var_dump($page);
echo 'error:' . curl_error($ch);
?>
It gives me the following error:
bool(false) error:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
I can't figure out where the pb comes from. I looked for similar error message on Google and S/O but haven't found any solution.


You're trying to use version 3 of the SSL protocol which is either refused or unsupported by the server. The POODLE attack pushed a lot of system administrators to drop support for SSLv3 and its usage is not so widespread anymore (and definitely not recommended).
When you have SSL handshake errors, try different versions of SSL/TLS until one works (preferably the most secure). If you have a doubt, using CURL_SSLVERSION_DEFAULT works in most cases.
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_DEFAULT);
It seems that formulaire.sncf.com supports TLSv1.0. You could also force use that protocol version:
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);

Related

cURL Error: OpenSSL SSL_connect: SSL_ERROR_SYSCALL

I have a system foe my personal use, but in the last days just got the error "cURL Error: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.comprasnet.gov.br:443".
Coincidentally the above URL got Unsecure minutes before this error shown up.
[Unsafe/Unsecure website][1]
Im not a programmer, so if anyone could help me out. I tried a lot of things in the internet but with no luck.
Here's the code i'm using: I'm usaing wampp and run this in localhost
$ch = curl_init();
// opcoes
curl_setopt($ch, CURLOPT_URL, "https://www.comprasnet.gov.br/pregao/fornec/Acompanhar.asp");
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0');
curl_setopt($ch, CURLOPT_SSLVERSION, 3);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//$cookiefile = dirname(__FILE__)."/cookie.php" ;
//curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookiefile);
//curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookiefile);
//executar sessao
$output = curl_exec($ch);
if ($output === FALSE) { // verifica erros no curl
echo "cURL Error: " . curl_error($ch);
}
$output = strtr($output, $conversao); // função de conversão acentuado/não acentuado
//fechar sessao
curl_close($ch);```
[1]: https://i.stack.imgur.com/a3xlA.png

Which command for "whois.pir.org" in PHP with Curl?

I need to test a whois service to test domain names with PHP and a proxy connection with authentification. It works very well for whois.verisign-grs.com for the .com or whois.nic.fr for the .fr, but for the .org, I have the following result, and I don't understand what command it is waiting for?
I couldn't find a doc to refer me.
Thanks !
result : string(57) "Neither object nor interpretation control keyword found
"
$server='whois.pir.org';
$domain='archive.org';
$useragent="Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$server);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, true);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_PROXYPORT, $port);
curl_setopt($ch, CURLOPT_PROXY, $proxy);
curl_setopt($ch, CURLOPT_PROXYTYPE, 'CURLPROXY_SOCKS5');
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $userpass);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "$domain \r\n");
//curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "-T dn $domain\r\n");
$result = curl_exec($ch);
var_dump($result);
curl_close($ch);

WHOIS is NOT a HTTP protocol.
If you need to access the WHOIS information via cURL, I suggest you to look into the existing API providers such as JSONWHOIS, IP2WHOIS or WHOXY.

Can't HTML Scrape Site Because Of SSL Error

I am working on a scraping script. It works on most websites but I cannot access a specific SSL site.
Here is my code:
if (!extension_loaded('openssl')){
// not occurring
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.chase.com/');
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
$result = curl_exec($ch);
if($result === false)
{
$err = curl_error($ch);
//$err = SSL read: error:00000000:lib(0):func(0):reason(0), errno 10054
}
$result is always FALSE, and it shows this error message:
SSL read: error:00000000:lib(0):func(0):reason(0), errno 10054
But it works on other websites that have SSL. I also checked phpinfo(), cURL and OpenSSL are active. I am using WAMP, any ideas?

You need to set a Useragent. I tested with and without one and it fixes the issue. It appears Chase is wanting a UA to be provided in the request.
So add this:
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US)');

I solved issue by just using following PHP librery.
https://github.com/rmccue/Requests
[use this library code on your Linux based server, may be it will not work on xampp or wamp ]

How to store multiple cookies through PHP Curl

'SOUP.IO' is not providing any api. So Iam trying to use 'PHP Curl' to login and submit data through PHP.
Iam able to login the website successfully(through cUrl), but when I try to submit data through cUrl, it gives me error of 'invalid user'.
When I tried to analysed the code and website, I came to know that cUrl is getting values of only 1-2 cookies. Where as when I open the same page in FireFox, it shows me 6-7 cookies related to 'SOUP.IO'.
Can some one guide me how to get all these 7 cookies values.
Following cookies are getable by cUrl:
soup_session_id
Following cookies are shown in Firefox (not through cUrl):
__qca, __utma, __utmb, __utmc, __utmz
Following is my cUrl code:
<?php
session_start();
$cookie_file_path = getcwd()."/cookie/cookie.txt";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://www.soup.io');
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_HEADER, TRUE);
curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729) FirePHP/0.4');
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$result = curl_exec($ch);
curl_close($ch);
print_r($result);
?>
Can some one guide me in this regards
Thanks in advance

These extra "underscore" cookies seem like Google Analytics or similar tracking cookies, most likely set via Javascript. That's the reason they don't show up when using cURL. I'd venture the guess that they're not the problem.

A couple of things i noticed once i signup and went into the area. The domain all my action happens is "user.soup.io" and not "www.soup.io" , that could be the reason behind your invalid user error. Try to set the url to your own subdomain AFTER the login is complete and see how it goes. Also what data are you exactly trying to post?
This may not be relevant but soup.io doesnt seem to use HTTPS, so why use:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);

Here is my curl code which Iam trying to use for sending data to soup.io after suceesful login through cUrl
$storedata = array();
$storedata["post[title]"] = 'Phoonk 2 (16th April 2010)';
$storedata["post[body]"] = 'Ramgopal Varma\'s love for horror and supernatural continues. This time, in PHOONK 2, the team behind PHOONK promise more chills, more thrills and more screams. But what you get to hear at the end of the screening is a moan, since PHOONK 2 lacks the chills, thrills and screams that were the mainstay of its first part.';
$storedata["post[tags]"] = 'Bollywood Movie, Indian movie';
$storedata["commit"] = 'Save';
$storedata["post[id]"] = '';
$storedata["post[type]"] = 'PostRegular';
$storedata["post[parent_id]"] = '';
$storedata["post[original_id]"] = '';
$storedata["post[edited_after_repost]"] = '';
$store_post_str = '';
foreach($storedata as $key => $value){
$store_post_str .= $key.'='.urlencode($value).'&';
}
$store_post_str = substr($store_post_str, 0, -1);
$ch2 = curl_init();
curl_setopt($ch2, CURLOPT_URL, 'http://loekit.soup.io/save');
curl_setopt($ch2, CURLOPT_VERBOSE, 1);
curl_setopt($ch2, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch2, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch2, CURLOPT_HEADER, TRUE);
curl_setopt($ch2, CURLOPT_ENCODING, 'gzip,deflate');
//curl_setopt($ch2, CURLOPT_COOKIEJAR, $cookie_file_path);
//curl_setopt($ch2, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch2, CURLOPT_REFERER, 'http://loekit.soup.io/');
curl_setopt($ch2, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729) FirePHP/0.4');
curl_setopt($ch2, CURLOPT_MAXREDIRS, 10);
curl_setopt($ch2, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch2, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch2, CURLOPT_POSTFIELDS, $store_post_str);
curl_setopt($ch2, CURLOPT_POST, TRUE);

Payment Gateway using cURL with SSL?

I am processing credit cards using a payment gateway. To POST the data to their servers, I am using cURL in PHP. I have an SSL certificate issued to my domain, to ensure all POST'ed data is encrypted. Because the SSL certificate is already installed, do I still need to use the SSL options for cURL? If so, which of the options do I need to set given my setup?
I have tried the following code unsuccessfully:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"https://secure.paymentgateway.com/blah.php");
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_CAINFO, getcwd().'/cert/ca.crt');
curl_setopt($ch, CURLOPT_SSLCERT, getcwd().'/cert/mycert.pem');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'password');
curl_setopt($ch, CURLOPT_POST, $count);
curl_setopt($ch,CURLOPT_POSTFIELDS,"variables...");
$output = curl_exec($ch);
echo $output;
curl_close($ch);

Well you already disabled the verification (which I don't recommend: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);). This opens you for Man-in-the-middle attacks.
Here's a simple tutorial that might help you:
http://developer.paypal-portal.com/pdn/board/message?board.id=ipn&message.id=12754#M12754

Categories