[Probably OT] Strange loss of ability to do SSL (through curl)

Ben Rubinstein benr_mc at cogapp.com
Tue Jan 20 13:59:08 EST 2015


An app built in LC, sitting on an old box (PPC Mac Mini running 10.4.11) has 
for several years happily been running a few times a day to perform a batch 
job involving retrieve some data from a remote system, processing it, and 
pushing a report to a new location.

Recently, it's not been updating correctly, and investigation has shown that 
the cause is a failure to retrieve the remote data.

The remote system (a third-party SaaS product) has a REST interface, accessed 
with simple basic authentication over HTTPS.  I'm not aware that anything has 
changed in their API recently.

When I first wrote this app, I found that LC didn't correctly deal with the 
SSL portion (I forget the details); so I recoded it to use the shell function 
to invoke curl to retrieve each element.

This has worked fine for a long time.   But now the shell command is returning 
code 35, which according to man curl is:
   35     SSL connect error. The SSL handshaking failed.

So the weird thing is:
- if I run this app on my dev machine (Intel Mac running 10.8.5), it works 
fine, happily invoking curl and getting the result
- if I run the curl command in Terminal on the target machine, it works fine 
and retrieves the data
- if I create a shell script to run the curl command on the target machine, 
and invoke that shell script in Terminal, it works fine and retrieves the data
- if I modify the app to use 'shell' to run that shell script, instead of 
calling curl directly, it fails with code 35 again.

So curl, and shell, are happy on that machine; but using shell in an LC app to 
either invoke curl directly, or run a batch script which invokes curl, makes 
SSL fail.

I've marked this possibly OT because I don't think it's necessarily an LC 
problem.  I get the same result with a version of the app built in 2011 from 
LC 4.6.4 as with one built now with LC 6.5.2.  But then again, I'm not aware 
that anything has changed on the machine where this runs.

Something must have changed; my guess is that it is something in the setup of 
the remote service.  But the nature of that change doesn't disturb curl or 
shell running under Terminal on my target machine; nor when invoked from LC on 
my dev machine.

I'm guessing it must be something to do with the environment in which the 
shell command operates when invoked from LC, as opposed to launching a 
terminal window.  This goes considerably outside my knowledge area, so I'm 
appealing for suggestions as to where to investigate...

TIA

Ben




More information about the use-livecode mailing list