누구든지 다음 컬 명령이 중단되는 이유나 진단 방법을 말해 줄 수 있습니까?
curl 'https://www.nasdaq.com/' -H 'User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'DNT: 1' -H 'Connection: keep-alive' -H 'Upgrade-Insecure-Requests: 1'
-v 옵션으로 실행할 때 출력은 다음과 같습니다("Old SSL session..."에 매달려 있음).
* Trying 104.81.179.248:443...
* Connected to www.nasdaq.com (104.81.179.248) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /home/ubuntu/anaconda2/ssl/cacert.pem
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=US; ST=Connecticut; L=Shelton; O=NASDAQ, INC.; CN=www.nasdaq.com
* start date: Jun 15 00:00:00 2020 GMT
* expire date: Oct 20 12:00:00 2020 GMT
* subjectAltName: host "www.nasdaq.com" matched cert's "www.nasdaq.com"
* issuer: C=US; O=DigiCert Inc; CN=DigiCert SHA2 Secure Server CA
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: www.nasdaq.com
> Accept-Encoding: deflate, gzip
> User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
> Accept-Language: en-US,en;q=0.5
> DNT: 1
> Connection: keep-alive
> Upgrade-Insecure-Requests: 1
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
새로운 AWS Ubuntu 서버 16.04 및 18.04 Amazon AMI 인스턴스를 생성하고 컬 명령을 실행하면 16.04에서는 중단되지만 18.04에서는 중단되지 않습니다. 14.04를 실행하는 다른 시스템에서 Conda를 사용하여 컬 및 openssl을 18.04 시스템보다 최신 버전으로 업데이트했는데 최신 버전에도 불구하고 여전히 작동하지 않습니다.
다음은 14.04 시스템에서 컬 --version을 실행한 결과입니다.
curl 7.71.1 (x86_64-conda_cos6-linux-gnu) libcurl/7.71.1 OpenSSL/1.1.1g zlib/1.2.11 libssh2/1.9.0
Release-Date: 2020-07-01
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS GSS-API HTTPS-proxy IPv6 Kerberos Largefile libz NTLM NTLM_WB SPNEGO SSL TLS-SRP UnixSockets
Ubuntu 18.04 AWS 인스턴스에서 실행되는 동일한 콘텐츠는 다음과 같습니다.
curl 7.58.0 (x86_64-pc-linux-gnu) libcurl/7.58.0 OpenSSL/1.1.1 zlib/1.2.11 libidn2/2.0.4 libpsl/0.19.1 (+libidn2/2.0.4) nghttp2/1.30.0 librtmp/2.3
Release-Date: 2018-01-24
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL
다음은 다른 18.04 시스템에서 Conda의 컬을 사용하고 잘 작동하는 동일한 콘텐츠입니다.
curl 7.63.0 (x86_64-conda_cos6-linux-gnu) libcurl/7.63.0 OpenSSL/1.1.1g zlib/1.2.11 libssh2/1.8.0
Release-Date: 2018-12-12
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets HTTPS-proxy
두 작업 시스템 모두 HTTPS 프록시를 기능으로 나열하지만 작동하지 않는 시스템은 그렇지 않습니다. 이것이 문제가 될 수 있습니까?
답변1
ipv6
내 경우에는 예를 들어 Ubuntu에서 비활성화해야 했습니다 .
sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1