Curl not working in Jenkins jobs - windows

I am trying to trigger an remote Jenkins job from an host Jenkins server.
I have created build token. I am trying to call the job using the curl
curl.exe -v -x -K --insecure -u "username#username.com:pwd" POST https://hostname:8443/job/mypackjob/build?token=XXXIODFASDF
if use the same command from the command prompt (i.e Windows CMD) the job is getting triggered, but from the Jenkins job it is not working. I am getting HTTP/1.1 error.
* Rebuilt URL to: POST/
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Could not resolve host: POST
* Closing connection 0
curl: (6) Could not resolve host: POST
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 132.186.32.5...
* TCP_NODELAY set
* Connected to INCHNIISNW0113.net (132.186.32.5) port 8443 (#1)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [85 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [1580 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [333 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
{ [1 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=INCHNIISNW0113.net
* start date: Nov 3 13:41:11 2016 GMT
* expire date: Dec 31 23:59:59 2039 GMT
* issuer: CN=API
* SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
* Server auth using Basic with user 'username#xxx.com'
} [5 bytes data]
> -K /job/2.50HR0API0Obfuscation/build?token=TRIGGERMEHRAPIBUILD HTTP/1.0
> Host: INCHNIISNW0113.net:8443
> Authorization: Basic **************
> User-Agent: curl/7.58.0
> Accept: */*
>
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0{ [5 bytes data]
**< HTTP/1.1 404 Not Found**
< Date: Wed, 18 Apr 2018 15:46:23 GMT
< X-Content-Type-Options: nosniff
< Server: Jetty(9.4.z-SNAPSHOT)
* no chunk, no close, no size. Assume close to signal end
<
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0{ [5 bytes data]
* TLSv1.2 (IN), TLS alert, Client hello (1):
{ [2 bytes data]
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
* Closing connection 1
} [5 bytes data]
* TLSv1.2 (OUT), TLS alert, Client hello (1):
} [2 bytes data]

Related

HTTPS Proxy curl

i am use
curl -x https://www.skillacademy.com --resolve www.skillacademy.com:443:104.18.24.139 https://www.skillacademy.com:443 -vvv
output is
root#localhost:~# curl -x https://www.skillacademy.com --resolve www.skillacademy.com:443:104.18.24.139 https://www.skillacademy.com:443 -vvv
* Added www.skillacademy.com:443:104.18.24.139 to DNS cache
* Hostname www.skillacademy.com was found in DNS cache
* Trying 104.18.24.139:443...
* Connected to www.skillacademy.com (104.18.24.139) port 443 (#0)
* ALPN: offers http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS Unknown, Certificate Status (22):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS change cipher, Change cipher spec (1):
* (304) (OUT), TLS Unknown, Certificate Status (22):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Proxy certificate:
* subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com
* start date: May 10 00:00:00 2022 GMT
* expire date: May 10 23:59:59 2023 GMT
* subjectAltName: host "www.skillacademy.com" matched cert's "*.skillacademy.com"
* issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
* SSL certificate verify ok.
* allocate connect buffer
* Establish HTTP proxy tunnel to www.skillacademy.com:443
* (304) (OUT), TLS Unknown, Unknown (23):
> CONNECT www.skillacademy.com:443 HTTP/1.1
> Host: www.skillacademy.com:443
> User-Agent: curl/7.85.0
> Proxy-Connection: Keep-Alive
>
* (304) (IN), TLS Unknown, Certificate Status (22):
* (304) (IN), TLS handshake, Newsession Ticket (4):
* (304) (IN), TLS handshake, Newsession Ticket (4):
* (304) (IN), TLS Unknown, Unknown (23):
< HTTP/1.1 400 Bad Request
< Server: cloudflare
< Date: Tue, 18 Oct 2022 06:57:20 GMT
< Content-Type: text/html
< Content-Length: 155
< Connection: close
< CF-RAY: -
<
* Received HTTP code 400 from proxy after CONNECT
* CONNECT phase completed
* Closing connection 0
* (304) (OUT), TLS Unknown, Unknown (21):
* (304) (OUT), TLS alert, close notify (256):
curl: (56) Received HTTP code 400 from proxy after CONNECT
Look at Establish HTTP proxy tunnel to www.skillacademy.com:443
Why still HTTP not a HTTPS ?
what i try :
update openssl to latest
update curl to latest
Here output
root#localhost:~# curl -V
curl 7.85.0 (aarch64-unknown-linux-gnu) libcurl/7.85.0 OpenSSL/1.1.1q zlib/1.2.11
Release-Date: 2022-08-31
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS HSTS HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL threadsafe TLS-SRP UnixSockets
root#localhost:~# openssl version -a
OpenSSL 1.1.1q 5 Jul 2022
built on: Tue Oct 18 06:23:52 2022 UTC
platform: linux-aarch64
options: bn(64,64) rc4(char) des(int) idea(int) blowfish(ptr)
compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DVPAES_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/ssl/lib/engines-1.1"
Seeding source: os-specific
root#localhost:~#
any help will apreciated

How to download file from cloudflare using curl?

As part of pipeline for building Debian package with popular game Factorio i need to download game's distribution files. This is without any problems in gui web browser.
I try to download file using curl but i still cannot solve problem with CSRF token:
#!/bin/sh
LOGIN=""
PASSWD=""
VERSION=`curl -s "https://api.github.com/repos/wube/factorio-data/tags" | jq -r '.[0].name'`
ARCHIVE="factorio_alpha_x64_${VERSION}.tar.xz"
CSRF=`curl -s -c ~/cookie.txt https://www.factorio.com/login | grep csrf_token | awk -F'"' '{print $8}'`
curl -v -c ~/cookie.txt -b ~/cookie.txt -H "X-CSRF-Token: ${CSRF}" -X POST -F "csrf_token=${CSRF}" -F "username_or_email=${LOGIN}" -F "password=${PASSWD}" https://www.factorio.com/login
curl -c ~/cookie.txt https://www.factorio.com/get-download/${VERSION}/alpha/linux64 > ${ARCHIVE}
The script run fail everytime with the final response:
vitex#exiv:~/Projects/Packaging/Games/factorio-deb$ ./downloader.sh
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 104.26.14.88:443...
* Connected to www.factorio.com (104.26.14.88) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
* CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com
* start date: Jul 6 00:00:00 2021 GMT
* expire date: Jul 5 23:59:59 2022 GMT
* subjectAltName: host "www.factorio.com" matched cert's "*.factorio.com"
* issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55eea0a17d10)
> POST /login HTTP/2
> Host: www.factorio.com
> user-agent: curl/7.76.1
> accept: */*
> cookie: session=eyJjc3JmX3Rva2VuIjoiMTk2MmVlODBkMDJiMGFhODQ0N2U1OGZiYTEyZGQzMThjZTY5MTFkZCJ9.YXicKQ.D93FhsjkngmtONrHEFB6P0d4w8Y
> x-csrf-token: IjE5NjJlZTgwZDAyYjBhYTg0NDdlNThmYmExMmRkMzE4Y2U2OTExZGQi.YXicKQ.HKcRPgEkSRVU4_Xat-dCV31sHWg
> content-length: 461
> content-type: multipart/form-data; boundary=------------------------c63b0f58b7ac0deb
>
* We are completely uploaded and fine
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 400
< date: Wed, 27 Oct 2021 00:24:09 GMT
< content-type: text/html; charset=utf-8
< cache-control: no-cache
< x-frame-options: SAMEORIGIN
< strict-transport-security: max-age=31536000
< vary: Cookie
* Replaced cookie session="eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiMTk2MmVlODBkMDJiMGFhODQ0N2U1OGZiYTEyZGQzMThjZTY5MTFkZCJ9.YXicKQ.PbtfNJW_assTK0ZkBWujMpBVnuM" for domain factorio.com, path /, expire 0
< set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiMTk2MmVlODBkMDJiMGFhODQ0N2U1OGZiYTEyZGQzMThjZTY5MTFkZCJ9.YXicKQ.PbtfNJW_assTK0ZkBWujMpBVnuM; Domain=.factorio.com; Secure; HttpOnly; Path=/
< via: 1.1 vegur
< cf-cache-status: DYNAMIC
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZPVm%2FRu31d1J8IkHuFfcRwFad6vXWf2%2FbHrH3PCRg1GFuXfHgsJDXN10zPpE6ZaOP7I1ClCiaDo0i0tO%2B5kih95W6gO28pCyjiiA3oXOmJvFHr%2F4iipMg0xlK7v2rVQ51w%3D"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 6a47c7a32c4f27a0-PRG
<
<!DOCTYPE html>
<html>
<head>
<title> 400 - CSRF Error | Factorio</title>
...
How i can better work with cookies recieved by first request ?
What is wrong here ?

Login to a php site with curl

I am trying to do a bash script to login to a php site via curl. In this way (always with curl) I will be able to download a file.
The site in question is this:
"https://web.spaggiari.eu/home/app/default/login.php"
I thought I could use this command to login by sending a cookie:
curl --anyauth --user username:password https://web.spaggiari.eu/
and then try to download the file from this site using this command (The site below is where I should download the file from):
curl -v https://web.spaggiari.eu/fml/app/default/xml_export.php? 3Aclasse_id% 3A & gruppo_id =% 3Agruppo_id% 3A & ope = RPT & dal = 2020-11-03 & al = 2020-11-03 & format = xls
The output of the command though is this:
* Expire in 2 ms for 1 (transfer 0x558707881f50)
* Trying 159.69.111.222...
* TCP_NODELAY set
* Expire in 149996 ms for 3 (transfer 0x558707881f50)
* Expire in 200 ms for 4 (transfer 0x558707881f50)
* Connected to web.spaggiari.eu (159.69.111.222) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=*.spaggiari.eu
* start date: May 29 00:00:00 2020 GMT
* expire date: May 29 12:00:00 2022 GMT
* subjectAltName: host "web.spaggiari.eu" matched cert's "*.spaggiari.eu"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=GeoTrust RSA CA 2018
* SSL certificate verify ok.
> GET /fml/app/default/xml_export.php?stampa=%3Astampa%3A HTTP/1.1
> Host: web.spaggiari.eu
> User-Agent: curl/7.64.0
> Accept: */*
>
< HTTP/1.1 302 Found
< Server: nginx/1.18.0
< Date: Tue, 03 Nov 2020 19:30:46 GMT
< Content-Type: text/html; charset=UTF-8
< Content-Length: 0
< Connection: keep-alive
< X-Frame-Options: SAMEORIGIN;
< Content-Security-Policy: script-src 'self' filesystem: 'unsafe-eval' 'unsafe-inline' *.spaggiari.eu https://ajax.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://code.jquery.com/ https://d31qbv1cthcecs.cloudfront.net/atrk.js https://fonts.googleapis.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://www.googletagmanager.com/ https://www.gstatic.com/recaptcha/;frame-ancestors 'self' file: *.spaggiari.eu;
< Set-Cookie: PHPSESSID=pc6u2mc162b30ek2gp9u6phdpt7q85kv; path=/; secure; HttpOnly
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Location: ../../../home/app/default/login.php
< X-ZVersion: c
< Pragma: public
< Cache-Control: public, must-revalidate, proxy-revalidate
<
* Connection #0 to host web.spaggiari.eu left intact
That's a redirection sending me to the login page.
So it tells that I have an authentication problem i think.
Now I don't understand what I have to do to be able to log in. I have the correct credentials, but I think I am doing something wrong with the command used.
Thanks everyone for the answers.

Curl command line to send email via gmail

Hi I have had a search on this already and I cannot work out why this keeps failing. I'm using the following curl command to send an email via a gmail account. fails on authentication.
I have tried two accounts one that has 2 factor setup with an app password, and one that just has less secure apps enabled.
both just fail to authenticate.
curl --ssl-reqd --url smtp://smtp.gmail.com:587 --mail-from myemail#gmail.com --mail-rcpt otheremail#gmail.com --user 'myemail#gmail.com:password' --cacert cacert.pem --upload-file mail.txt --TLSv1.2 --tls-max 1.2 --verbose
the cacert.pem came from here https://curl.haxx.se/ca/cacert.pem
This is the output from curl
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 64.233.167.109:587...
* TCP_NODELAY set
* Connected to smtp.gmail.com (64.233.167.109) port 587 (#0)
< 220 smtp.gmail.com ESMTP v11sm289228wml.26 - gsmtp
> EHLO mail.txt
< 250-smtp.gmail.com at your service, [x.x.x.x]
< 250-SIZE 35882577
< 250-8BITMIME
< 250-STARTTLS
< 250-ENHANCEDSTATUSCODES
< 250-PIPELINING
< 250-CHUNKING
< 250 SMTPUTF8
> STARTTLS
< 220 2.0.0 Ready to start TLS
* successfully set certificate verify locations:
* CAfile: c:\utils\curl-7.68.0-win64-mingw\bin\cacert.pem
CApath: none
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [208 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [91 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [2342 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [114 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [37 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-ECDSA-CHACHA20-POLY1305
* Server certificate:
* subject: C=US; ST=California; L=Mountain View; O=Google LLC; CN=smtp.gmail.com
* start date: Sep 22 15:25:59 2020 GMT
* expire date: Dec 15 15:25:59 2020 GMT
* subjectAltName: host "smtp.gmail.com" matched cert's "smtp.gmail.com"
* issuer: C=US; O=Google Trust Services; CN=GTS CA 1O1
* SSL certificate verify ok.
} [5 bytes data]
> EHLO mail.txt
{ [5 bytes data]
< 250-smtp.gmail.com at your service, [x.x.x.x]
< 250-SIZE 35882577
< 250-8BITMIME
< 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
< 250-ENHANCEDSTATUSCODES
< 250-PIPELINING
< 250-CHUNKING
< 250 SMTPUTF8
} [5 bytes data]
> AUTH PLAIN
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0{ [5 bytes data]
< 334
} [5 bytes data]
> ACdhbmR5cGRzMjAxNEBnbWFpbC5jb20AYW9ub3hubnB2Y3N3aGR1bic=
{ [5 bytes data]
< 535-5.7.8 Username and Password not accepted. Learn more at
< 535 5.7.8 https://support.google.com/mail/?p=BadCredentials v11sm289228wml.26 - gsmtp
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Closing connection 0
} [5 bytes data]
* TLSv1.2 (OUT), TLS alert, close notify (256):
} [2 bytes data]
curl: (67) Login denied```
I cannot see why this is not working, I can use the app password in another app that does not use OAuth and that lets me send emails OK.
I'm new to using curl and any help will be apricated.
Thanks.
Andy.
Edit: I have also tried this on my linuxVM and that worked fined with GMail, so I tried again in windows and still failed. I just removed the quotes from the user field and it worked fine.
So as I put in the edited question. I have solved it.
the --user 'myemail#gmail.com:password' need the single quotes removing from it and it now connects and sends the mail.
Hopefully this will aid someone else in the future.

Elasticsearch curl post hangs and times out in a CI job

I'm trying to upload some data to Elasticsearch via Curl in a CI job. The Curl command I believe is correct and works perfectly locally. However within the job it appears to hang and then times out after 30 seconds.
Here is the Curl command:
curl -u $user:$password \
-XPOST "${HOST}${INDEX}/data" \
-H 'Content-Type: application/json' \
-d "$json_data" \
--max-time 30 \
--verbose
Here is the verbose output:
Note: Unnecessary use of -X or --request, POST is already inferred.
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Trying <IP-ADDRESS>...
* TCP_NODELAY set
* Connected to <HOST> (<IP-ADDRESS>) port <PORT> (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [58 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [3024 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [556 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [37 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
* ...
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
} [5 bytes data]
* Server auth using Basic with user '<USERNAME>'
* Using Stream ID: 1 (easy handle 0x565087a74580)
} [5 bytes data]
> POST /elasticsearch/<INDEX>/data HTTP/2
> Host: <HOST>
> Authorization: Basic <KEY>
> User-Agent: curl/7.58.0
> Accept: */*
> Content-Type: application/json
> Content-Length: 13735
>
{ [5 bytes data]
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
} [5 bytes data]
* We are completely uploaded and fine
{ [5 bytes data]
100 13735 0 0 100 13735 0 11388 0:00:01 0:00:01 --:--:-- 11388
100 13735 0 0 100 13735 0 6220 0:00:02 0:00:02 --:--:-- 6220
100 13735 0 0 100 13735 0 4280 0:00:03 0:00:03 --:--:-- 4280
...
100 13735 0 0 100 13735 0 469 0:00:29 0:00:29 --:--:-- 0
* Operation timed out after 30001 milliseconds with 0 bytes received
100 13735 0 0 100 13735 0 457 0:00:30 0:00:30 --:--:-- 0
* Connection #0 to host <HOST> left intact
curl: (28) Operation timed out after 30001 milliseconds with 0 bytes received
It looks like the host can be reached by the CI job but seems to hang for some reason. If I remove the timeout limit I get a curl: (56) OpenSSL SSL_read: SSL_ERROR_SYSCALL, errno 110 error. According to the libcurl docs the 56 error code is when there is a failure receiving network data, which is strange as it’s doing a POST. Everything works fine locally, but this error is happening with every job. Any ideas?

Resources