Python SSLError:客户端错误(EOF发生违反协议),服务器端错误(SS
我在使用
Python创建SSL套接字以使用需要身份验证的代理时遇到了一些困难.我很抱歉这个长度,但我觉得最好尽量详细说明.
首先,服务器代码如下所示: class ThreadedTCPServer(SocketServer.ThreadingMixIn,SocketServer.TCPServer): def __init__(self,server_address,RequestHandlerClass,client_manager,recv_queue): SocketServer.TCPServer.__init__(self,bind_and_activate=True) <snipped out extra code> class ThreadedTCPRequestHandler(SocketServer.BaseRequestHandler): def setup(self): while True: try: print 'trying to wrap in ssl' self.request = ssl.wrap_socket(self.request,certfile=(os.getcwd() + '/ssl_certs/newcert.pem'),keyfile=(os.getcwd() + '/ssl_certs/webserver.nopass.key'),server_side=True,cert_reqs=ssl.CERT_NONE,ssl_version=ssl.PROTOCOL_TLSv1,do_handshake_on_connect=False,suppress_ragged_eofs=True) break except Exception,ex: print 'error trying to wrap in ssl %s' % ex def handle(self): # Display message that client has connected print 'r[*] Received connection from %s:%sr' % (self.client_address[0],self.client_address[1]) while self.stopped() == False: recv_msg = self.request.read(1024) if recv_msg == '': self.stop.set() server.recv_queue.put(recv_msg) break else: server.recv_queue.put(recv_msg) if self.stopped(): print '[!] Received STOP signal from %s:%s; Exiting!' % (self.client_address[0],self.client_address[1]) 其次,这是客户端代码,我在其中设置通过需要身份验证的代理连接所需的信息: class proxyCommsHandler(): def __init__(self,user,password,remote_host,remote_port,list_of_proxies): # information needed to connect self.user = 'username' self.passwd = 'password' self.remote_host = 'remote_host_ip' self.remote_port = 8008 self.list_of_proxies = [['proxyserver.hostname.com',8080]] # setup basic authentication to send to the proxy when we try to connect self.user_pass = base64.encodestring(self.user + ':' + self.passwd) self.proxy_authorization = 'Proxy-authorization: Basic ' + self.user_pass + 'rn' self.proxy_connect = 'CONNECT %s:%s HTTP/1.1rn' % (self.remote_host,self.remote_port) self.user_agent = "User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1rn" self.proxy_pieces = self.proxy_connect + self.proxy_authorization + self.user_agent + 'rn' 现在,这里是我最初连接到代理的地方,在那里我没有错误(我得到’200’状态代码): self.proxy = socket.socket(socket.AF_INET,socket.SOCK_STREAM) self.proxy.connect( (proxy_host,proxy_port) ) self.proxy.sendall(self.proxy_pieces) self.response = proxy.recv(1024) 这是客户端失败的地方(我认为).我尝试使用self.proxy并将其包装在SSL中,如下所示: sslsock = ssl.wrap_socket(self.proxy,server_side=False,do_handshake_on_connect=True,ssl_version=ssl.PROTOCOL_TLSv1) 这是我在客户端上看到的错误: Traceback (most recent call last): File "C:Python27pyrevshell.py",line 467,in <module> proxyCommsHandler(None,None,list_of_proxies).run() File "C:Python27pyrevshell.py",line 300,in run ssl_version=ssl.PROTOCOL_TLSv1) File "C:Python27libssl.py",line 372,in wrap_socket ciphers=ciphers) File "C:Python27libssl.py",line 134,in __init__ self.do_handshake() File "C:Python27libssl.py",line 296,in do_handshake self._sslobj.do_handshake() SSLError: [Errno 8] _ssl.c:503: EOF occurred in violation of protocol 客户端确实连接,如此处的输出所示: trying to wrap in ssl [*] Received connection from x.x.x.x:47144 [*] x.x.x.x:47144 added to the client list 但接下来是一个例外: ---------------------------------------- Exception happened during processing of request from ('x.x.x.x',47144) Traceback (most recent call last): File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/SocketServer.py",line 582,in process_request_thread self.finish_request(request,client_address) File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/SocketServer.py",line 323,in finish_request self.RequestHandlerClass(request,client_address,self) File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/SocketServer.py",line 639,in __init__ self.handle() File "shell_server.py",line 324,in handle recv_msg = self.request.read(1024) File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py",line 138,in read return self._sslobj.read(len) SSLError: [Errno 1] _ssl.c:1348: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number ---------------------------------------- 虽然我意识到这听起来像一个基于抛出的异常的明显问题,但有趣的部分是: >我最初通过代理成功连接,如上所示 我在连接的两端都使用了Wireshark.使用普通浏览器并连接到服务器时,我看到整个SSL握手和协商过程,一切运行顺利. 但是,当我使用上面显示的客户端时,一旦我连接它,我看到客户端发送客户端Hello消息,但然后我的服务器发送一个RST数据包来终止连接(我还没有确定这是否是之前或抛出异常后). 我再次道歉,但我迫切需要专家建议. 解决方法
我已经找到了问题的问题.当我第一次通过代理连接时,我将self.user_agent发送到远程主机,这会干扰SSL握手.
为了解决这个问题,我在调用套接字上的ssl.wrap_socket之前在def setup(self)函数中放置了一个初始self.request.recv(). (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |