通过SNI代理的Python SSL
[英]Python SSL via SNI Proxy
问题描述
I am having problems connecting via SNI Proxy server using Python, the following code snippet shows the connection and executing the script results in different connection errors (handshake, wrong version) depending upon which version of ssl is used: 
我在使用Python通过SNI代理服务器进行连接时遇到问题,以下代码段显示了连接,并且执行脚本会导致不同的连接错误(握手,错误的版本),具体取决于所使用的ssl版本:
#!/usr/bin/python
import requests
import ssl
from requests.adapters import HTTPAdapter
try:
from requests.packages.urllib3.poolmanager import PoolManager
except:
from urllib3.poolmanager import PoolManager
class SSLAdapter(HTTPAdapter):
def init_poolmanager(self, connections, maxsize, block=False):
ssl_version=ssl.PROTOCOL_TLSv1
#ssl_version=ssl.PROTOCOL_SSLv23
#ssl_version=ssl.PROTOCOL_SSLv3
assert_hostname = 'netflix.com'
self.poolmanager = PoolManager(num_pools=connections,maxsize=maxsize,block=block,ssl_version=ssl_version,assert_hostname=assert_hostname)
def newSession():
s = requests.Session()
s.mount('https://', SSLAdapter())
s.headers.update({'User-Agent': 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.6 Safari/537.36'})
return s
urlMain = "https://www.netflix.com"
session = None
session = newSession()
session.get(urlMain, verify=False).text
This results in: 结果是:
requests.exceptions.SSLError: [Errno 1] _ssl.c:510: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
Looking at the logs from the sniproxy server, you can see that the servername is omitted None[]; 查看来自sniproxy服务器的日志,可以看到省略了服务器名None [];
2015-02-22 08:25:23 000.000.73.222:59288 -> 000.00.77.145:443 -> NONE [] 0/0 bytes tx 0/0 bytes rx 20.179 seconds
How can I modify the script so that it sends the servername with the request ? 如何修改脚本,以便它随请求一起发送服务器名?
2 个解决方案
解决方案1
1 2015-02-22 12:11:19
pip install pyopenssl
pip install ndg-httpsclient
pip install pyasn1
should solve the problem. 应该解决问题。 Connect to https://alice.sni.velox.ch to verify if SNI is working. 连接到https://alice.sni.velox.ch以验证SNI是否正在运行。
using requests with TLS doesn't give SNI support 使用带有TLS的请求不会提供SNI支持
解决方案2
0 2015-02-22 10:41:22
me: Which version of python are you using?
OP: Just checked it is 2.7.6, are you sure about that ?
Yes, see https://www.mnot.net/blog/2014/12/27/python_2_and_tls_sni . 是的,请参见https://www.mnot.net/blog/2014/12/27/python_2_and_tls_sni 。 Which means your problem is that your are using a version of python which does not SNI. 这意味着您的问题是您使用的不是SNI的python版本。 So you either need to upgrade python itself or parts of it as described in urllib3 on python 2.7 SNI error on Google App Engine . 因此,您需要按照Google App Engine上的python 2.7 SNI错误的urllib3中的说明升级python本身或其一部分。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.