curl in csd-wrapper.sh can silently fail leaving the user at odds as to what went wrong
I was trying to configure openconnect with the /usr/libexec/openconnect/csd-wrapper.sh
script and I was getting a weird error because the following command:
curl $PINNEDPUBKEY -s "${URL}/sdesktop/hostscan/$ARCH/manifest" -o "$HOSTSCAN_DIR/manifest"
Was failing silently. After removing the -s
, the error I was facing was:
curl: (35) OpenSSL/3.0.8: error:0A000152:SSL routines::unsafe legacy renegotiation disabled
While this was a problem specific to my organization, it took me a while to debug what was going on. Ideally, the script should quickly fail when curl
is unable to download a file and provide feedback about what went wrong