【发布时间】:2015-01-11 08:51:29
【问题描述】:
以下代码有问题,SSLV3 握手失败:
import aiohttp
import asyncio
import ssl
def main():
conn = set_conn()
loop = asyncio.get_event_loop()
loop.run_until_complete(get_thing('https://example.com', conn))
@asyncio.coroutine
def get_thing(url, conn):
response = yield from aiohttp.request('get', url, connector=conn)
print(response.text)
def set_conn():
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
context.verify_mode = ssl.CERT_REQUIRED
context.check_hostname = True
context.load_verify_locations('/path/to/cert.pem')
conn = aiohttp.TCPConnector(ssl_context=context)
return conn
if __name__ == "__main__":
main()
堆栈跟踪:
Traceback (most recent call last):
File "/Users/grahat03/workspace/ent/env/lib/python3.4/site-packages/aiohttp/connector.py", line 344, in _create_connection
**kwargs))
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/asyncio/base_events.py", line 437, in create_connection
sock, protocol_factory, ssl, server_hostname)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/asyncio/base_events.py", line 453, in _create_connection_transport
yield from waiter
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/asyncio/futures.py", line 348, in __iter__
yield self # This tells Task to wait for completion.
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/asyncio/tasks.py", line 370, in _wakeup
value = future.result()
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/asyncio/futures.py", line 243, in result
raise self._exception
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/asyncio/selector_events.py", line 605, in _on_handshake
self._sock.do_handshake()
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/ssl.py", line 805, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:598)
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/Users/grahat03/workspace/ent/env/lib/python3.4/site-packages/aiohttp/connector.py", line 164, in connect
transport, proto = yield from self._create_connection(req)
File "/Users/grahat03/workspace/ent/env/lib/python3.4/site-packages/aiohttp/connector.py", line 348, in _create_connection
(req.host, req.port)) from exc
aiohttp.errors.ClientOSError: Can not connect to example.com:443
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "stackoverflow.py", line 26, in <module>
main()
File "stackoverflow.py", line 10, in main
loop.run_until_complete(get_thing(urls[0], conn))
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/asyncio/base_events.py", line 208, in run_until_complete
return future.result()
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/asyncio/futures.py", line 243, in result
raise self._exception
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/asyncio/tasks.py", line 317, in _step
result = coro.throw(exc)
File "stackoverflow.py", line 14, in get_thing
response = yield from aiohttp.request('get', url, connector=conn)
File "/Users/grahat03/workspace/ent/env/lib/python3.4/site-packages/aiohttp/client.py", line 104, in request
conn = yield from connector.connect(req)
File "/Users/grahat03/workspace/ent/env/lib/python3.4/site-packages/aiohttp/connector.py", line 168, in connect
raise ClientOSError() from exc
aiohttp.errors.ClientOSError
我使用的是 Mac OSX 10.9.5,Python 版本:
python3 -c "import sys; print(sys.version)"
3.4.1 (v3.4.1:c0e311e010fc, May 18 2014, 00:54:21)
[GCC 4.2.1 (Apple Inc. build 5666) (dot 3)]
OpenSSL 好像没问题,我可以如下连接:
openssl s_client -connect example.com:443 -cert /path/to/cert.pem
我怀疑在创建 ssl 上下文时我没有正确执行某些操作。请问有什么想法吗?
【问题讨论】:
-
您是否尝试通过
urllib或requests获取相同的资源? -
我可以用
requests检索资源没有问题。 -
顺便说一句,你确定
SSLV3吗?在您的示例中,您确实使用了SSLV23,这是不同的协议。 -
我也想知道,但堆栈跟踪与我使用的代码相对应。
-
嗯。不知道。您可以在github.com/KeepSafe/aiohttp/issues 中提交错误,但我怀疑我是否可以帮助您。我需要一个代码示例来重现您的案例,使用“example.com”并且没有真正的证书是不可能的。不过,自签名对和手工制作的 aiohttp.web 服务器可能没问题。
标签: python macos python-3.x ssl python-asyncio