SSLError:Python服务器故障(HTTP\u请求\u ssl.c:777)
我的应用程序有一个服务器,其中等待连接的过程如下:SSLError:Python服务器故障(HTTP\u请求\u ssl.c:777),python,server,pyopenssl,Python,Server,Pyopenssl,我的应用程序有一个服务器,其中等待连接的过程如下: sckt = socket.socket(socket.AF_INET, socket.SOCK_STREAM) server = ('', port_server) sckt.bind(server) sckt.listen(5) try: while True: new_sckt, client = sckt.accept() conn = ssl.wrap_socket(new_sckt, serv
sckt = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server = ('', port_server)
sckt.bind(server)
sckt.listen(5)
try:
while True:
new_sckt, client = sckt.accept()
conn = ssl.wrap_socket(new_sckt, server_side=True, ca_certs=certClient, cert_reqs=ssl.CERT_REQUIRED, certfile=certServer, keyfile=keyServer)
_thread.start_new_thread(self.waitUserCommand, tuple([conn, client]))
finally:
conn.close()
客户端通过以下方式连接到服务器:
sckt = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
conn = ssl.wrap_socket(sckt, server_side=False, ca_certs=certServer, cert_reqs = ssl.CERT_REQUIRED, certfile=certClient, keyfile=keyClient)
conn.connect((ip_server, port_server))
在某些客户端连接之后发生故障,出现以下消息:
Traceback (most recent call last):
File "server.py", line 260, in <module>
server.startServer()
File "server.py", line 90, in startServer
keyfile=keyServer)
File "/usr/local/lib/python3.6/ssl.py", line 1149, in wrap_socket
ciphers=ciphers)
File "/usr/local/lib/python3.6/ssl.py", line 814, in __init__
self.do_handshake()
File "/usr/local/lib/python3.6/ssl.py", line 1068, in do_handshake
self._sslobj.do_handshake()
File "/usr/local/lib/python3.6/ssl.py", line 689, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:777)
回溯(最近一次呼叫最后一次):
文件“server.py”,第260行,在
server.startServer()
startServer中第90行的文件“server.py”
keyfile=keyServer)
文件“/usr/local/lib/python3.6/ssl.py”,第1149行,在wrap_套接字中
密码=密码)
文件“/usr/local/lib/python3.6/ssl.py”,第814行,在__
self.do_握手
文件“/usr/local/lib/python3.6/ssl.py”,第1068行,在Dou握手中
赛尔夫:握手
文件“/usr/local/lib/python3.6/ssl.py”,第689行,在do_握手中
赛尔夫:握手
ssl.SSLError:[ssl:HTTP\u请求]HTTP请求(\u ssl.c:777)
值得一提的是,此错误发生在连接结束之后和下一个连接开始之前。i、 例如,客户机处于脱机状态,服务器仅在等待新连接(不执行任何操作)。此外,我的应用程序使用了另一台工作方式类似的服务器,但在我的实验中没有出现故障。让我们调试一下
握手()吗
SSL\R\u HTTP\u请求
:
git clone git://git.openssl.org/openssl.git
cd openssl
HTTP_请求在哪里:
➜ openssl git:(master) grep -Rn 'HTTP_REQUEST' .
./crypto/err/openssl.txt:2454:SSL_R_HTTP_REQUEST:156:http request
./include/openssl/sslerr.h:530:# define SSL_R_HTTP_REQUEST 156
./ssl/record/ssl3_record.c:316: SSL_R_HTTP_REQUEST);
./ssl/ssl_err.c:845: {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_HTTP_REQUEST), "http request"},
./test/ossl_shim/ossl_config.json:260: ":HTTP_REQUEST:":"http request",
openssl中发生了什么:
➜ openssl git:(master) grep -Rn 'SSL_R_HTTP_REQUEST' -A 20 -B 20 openssl/ssl/record/ssl3_record.c
openssl/ssl/record/ssl3_record.c-296- /*
openssl/ssl/record/ssl3_record.c-297- * Send back error using their minor version number :-)
openssl/ssl/record/ssl3_record.c-298- */
openssl/ssl/record/ssl3_record.c-299- s->version = (unsigned short)version;
openssl/ssl/record/ssl3_record.c-300- }
openssl/ssl/record/ssl3_record.c-301- SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_F_SSL3_GET_RECORD,
openssl/ssl/record/ssl3_record.c-302- SSL_R_WRONG_VERSION_NUMBER);
openssl/ssl/record/ssl3_record.c-303- return -1;
openssl/ssl/record/ssl3_record.c-304- }
openssl/ssl/record/ssl3_record.c-305-
openssl/ssl/record/ssl3_record.c-306- if ((version >> 8) != SSL3_VERSION_MAJOR) {
openssl/ssl/record/ssl3_record.c-307- if (RECORD_LAYER_is_first_record(&s->rlayer)) {
openssl/ssl/record/ssl3_record.c-308- /* Go back to start of packet, look at the five bytes
openssl/ssl/record/ssl3_record.c-309- * that we have. */
openssl/ssl/record/ssl3_record.c-310- p = RECORD_LAYER_get_packet(&s->rlayer);
openssl/ssl/record/ssl3_record.c-311- if (strncmp((char *)p, "GET ", 4) == 0 ||
openssl/ssl/record/ssl3_record.c-312- strncmp((char *)p, "POST ", 5) == 0 ||
openssl/ssl/record/ssl3_record.c-313- strncmp((char *)p, "HEAD ", 5) == 0 ||
openssl/ssl/record/ssl3_record.c-314- strncmp((char *)p, "PUT ", 4) == 0) {
openssl/ssl/record/ssl3_record.c-315- SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_SSL3_GET_RECORD,
openssl/ssl/record/ssl3_record.c:316: SSL_R_HTTP_REQUEST);
openssl/ssl/record/ssl3_record.c-317- return -1;
openssl/ssl/record/ssl3_record.c-318- } else if (strncmp((char *)p, "CONNE", 5) == 0) {
openssl/ssl/record/ssl3_record.c-319- SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_SSL3_GET_RECORD,
openssl/ssl/record/ssl3_record.c-320- SSL_R_HTTPS_PROXY_REQUEST);
openssl/ssl/record/ssl3_record.c-321- return -1;
openssl/ssl/record/ssl3_record.c-322- }
openssl/ssl/record/ssl3_record.c-323-
openssl/ssl/record/ssl3_record.c-324- /* Doesn't look like TLS - don't send an alert */
openssl/ssl/record/ssl3_record.c-325- SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_SSL3_GET_RECORD,
openssl/ssl/record/ssl3_record.c-326- SSL_R_WRONG_VERSION_NUMBER);
openssl/ssl/record/ssl3_record.c-327- return -1;
openssl/ssl/record/ssl3_record.c-328- } else {
openssl/ssl/record/ssl3_record.c-329- SSLfatal(s, SSL_AD_PROTOCOL_VERSION,
openssl/ssl/record/ssl3_record.c-330- SSL_F_SSL3_GET_RECORD,
openssl/ssl/record/ssl3_record.c-331- SSL_R_WRONG_VERSION_NUMBER);
openssl/ssl/record/ssl3_record.c-332- return -1;
openssl/ssl/record/ssl3_record.c-333- }
openssl/ssl/record/ssl3_record.c-334- }
暂定答案
当服务器响应时,ssl服务器期待HTTP响应,但没有收到HTTP响应?要问的其他问题是什么版本的OpenSSL?Python3.6的具体版本是什么
为什么它看不见
strncmp((char *)p, "GET ", 4) == 0 ||
strncmp((char *)p, "POST ", 5) == 0 ||
strncmp((char *)p, "HEAD ", 5) == 0 ||
strncmp((char *)p, "PUT ", 4) == 0)
也许,没有客户端连接,并且错误没有在空套接字请求上处理,或者类似的情况?只想说这是一个很好的答案,它显示了您了解错误来源的过程。非常感谢。