我在使用OpenSSL 1.0.1c,python 2.7.3,请求1.0.3和1.0.4(都尝试过)的Ubuntu 12.10上,并且尝试使用以下代码连接到url变量中的网站时。
def SendInitialRequest(xmlmessage, redirecturl): url = 'https://centineltest.cardinalcommerce.com/maps/txns.asp' payload = 'cmpi_msg=' + ET.tostring(xmlmessage) headers = { 'Content-Type': 'application/x-www-form-urlencoded', } r = requests.post(url, data=payload, headers=headers, verify=None) print r.text
它引发以下错误:
Traceback (most recent call last): File "<stdin>", line 1, in <module> File "clams/libs/centinel/thinclient.py", line 134, in SendInitialRequest r = requests.post(url, data=payload, headers=headers, verify=None) File "/home/jasonamyers/.virtualenv/clams/lib/python2.7/site-packages/requests/api.py", line 87, in post return request('post', url, data=data, **kwargs) File "/home/jasonamyers/.virtualenv/clams/lib/python2.7/site-packages/requests/api.py", line 44, in request return session.request(method=method, url=url, **kwargs) File "/home/jasonamyers/.virtualenv/clams/lib/python2.7/site-packages/requests/sessions.py", line 269, in request resp = self.send(prep, stream=stream, timeout=timeout, verify=verify, cert=cert, proxies=proxies) File "/home/jasonamyers/.virtualenv/clams/lib/python2.7/site-packages/requests/sessions.py", line 364, in send r = adapter.send(request, **kwargs) File "/home/jasonamyers/.virtualenv/clams/lib/python2.7/site-packages/requests/adapters.py", line 163, in send raise SSLError(e) requests.exceptions.SSLError: [Errno 8] _ssl.c:504: EOF occurred in violation of protocol
尝试使用openssl返回以下内容:
$ openssl s_client -connect centineltest.cardinalcommerce.com:443 CONNECTED(00000003) 140019346777760:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 226 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE ---
如果我强迫它使用tls1,它将起作用(输出被截断):
$ openssl s_client -tls1 -connect centineltest.cardinalcommerce.com:443 CONNECTED(00000003) depth=2 C = US, O = "thawte, Inc.", OU = Certification Services Division, OU verify error:num=20:unable to get local issuer certificate verify return:0 ---
我已经看到了很多有关此问题的错误报告。但是,我还没有找到一种使用python请求库解决该问题的方法。任何帮助将不胜感激。
在请求发布页面上将其重新发布给其他人:
在版本1之前,“请求”不支持执行此操作。在版本1之后,您应该继承HTTPAdapter的子类,如下所示:
from requests.adapters import HTTPAdapter from requests.packages.urllib3.poolmanager import PoolManager import ssl class MyAdapter(HTTPAdapter): def init_poolmanager(self, connections, maxsize, block=False): self.poolmanager = PoolManager(num_pools=connections, maxsize=maxsize, block=block, ssl_version=ssl.PROTOCOL_TLSv1)
完成此操作后,您可以执行以下操作:
import requests s = requests.Session() s.mount('https://', MyAdapter())
然后,通过该会话对象的任何请求都将使用TLSv1。