[英]Problem with HTTPs request and SslStream on some sites
我有一個簡單的 C# 應用程序,它使用TcpClient
和SslStream
發出 HTTPs 請求。 一切正常,除了一些使用 TLS 1.3 的網站失敗。 我將項目升級到 .Net Framework 4.8,閱讀速度也很慢https://docs.microsoft.com/es-es/dotnet/framework/network-programming/tls但我無法實現解決方案。
我正在使用 Windows 10 64 位編譯 19041.508。
我可以提供的最小代碼示例是下一個:
using System;
using System.Text;
using System.Windows.Forms;
using System.IO;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
private void button1_Click(object sender, EventArgs e)
{
string hostname = "stackoverflow.com";
using (TcpClient tcpClient = new TcpClient())
{
tcpClient.Connect(hostname, 443);
//HTTP request headers
string reqString = "GET / HTTP/1.1" + "\r\n";
reqString += "Host: " + hostname + "\r\n";
reqString += "Connection: Close\r\n\r\n";
byte[] header_bytes = Encoding.ASCII.GetBytes(reqString);
using (SslStream sslStream = new SslStream(tcpClient.GetStream(), false, new RemoteCertificateValidationCallback(ValidateServerCertificate), null))
{
sslStream.AuthenticateAsClient(hostname, null, SslProtocols.Ssl3 | SslProtocols.Tls | SslProtocols.Tls11 | SslProtocols.Tls12 | SslProtocols.Tls13, false);
sslStream.Write(header_bytes, 0, header_bytes.Length);
string response = "";
using (var memory = new MemoryStream())
{
sslStream.CopyTo(memory, 81920);
memory.Position = 0;
byte[] data = memory.ToArray();
response = Encoding.UTF8.GetString(data);
textBox1.Text = response;
}
}
}
}
//Validate certificates
public static bool ValidateServerCertificate(
object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
if (sslPolicyErrors == SslPolicyErrors.None)
return true;
// Do not allow this client to communicate with unauthenticated servers.
return false;
}
如果您嘗試使用主機名stackoverflow.com
它可以工作但如果您使用例如manga1001.com
它會失敗並拋出異常。 異常詳情:
System.Security.Authentication.AuthenticationException
HResult=0x80131501
Mensaje = A call to SSPI failed, see inner exception.
Origen = System
Seguimiento de la pila:
en System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
en System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
en System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
en System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
en System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
en System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
en System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
en System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
en System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
en System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
en System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
en http_minimal.Form1.button1_Click(Object sender, EventArgs e) en C:\Users\VA\source\repos\http_minimal\http_minimal\Form1.cs: línea 36
en System.Windows.Forms.Control.OnClick(EventArgs e)
en System.Windows.Forms.Button.OnClick(EventArgs e)
en System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
en System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
en System.Windows.Forms.Control.WndProc(Message& m)
en System.Windows.Forms.ButtonBase.WndProc(Message& m)
en System.Windows.Forms.Button.WndProc(Message& m)
en System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
en System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
en System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
en System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
en System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
en System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
en System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
en System.Windows.Forms.Application.Run(Form mainForm)
en http_minimal.Program.Main() en C:\Users\VA\source\repos\http_minimal\http_minimal\Program.cs: línea 19
Excepción interna 1:
Win32Exception: No se permite la función solicitada
希望有人能幫我解決這個問題,我花了很多時間但沒有找到解決方案。
請嘗試:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls13;
經過令人沮喪的研究后,我打算對此有所了解。 似乎當前的 Windows 10 版本不完全支持 TLS 1.3。 微軟宣布在 Windows 10 v21H1 中對TLS 密碼套件進行更新。
換句話說,我們必須等到 Microsoft 啟動該更新才能檢查問題是否仍然存在。 目前無法修復該問題,因為 Windows 10 v19042.685 (20H2) 無法支持所測試網頁所需的 TLS 1.3 密碼。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.