我正在尝试与服务器SSL套接字Java和客户端SSL套接字Python进行通信。发送的第一条消息是正常的,但是当服务器发送另一条消息时,客户端会收到分为两部分的消息。例如:如果服务器发送消息“abcdefghij”,则客户端首先接收“a”,然后接收“bcdefghij”。
有人知道为什么第一次收到消息后分两部分?问候。
客户端代码:
import socket, ssl, pprint
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
ssl_sock = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_NONE)
ssl_sock.connect(('localhost', 7000))
pprint.pprint(ssl_sock.getpeercert())
while(1):
print "Waiting"
data = ssl_sock.recv()
print "Received:", data
data = ""
ssl_sock.close()
服务器代码:
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
public class SslReverseEchoer {
public static void main(String[] args) {
char ksPass[] = "123456".toCharArray();
char ctPass[] = "123456".toCharArray();
try {
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream("keystore.jks"), ksPass);
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, ctPass);
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(kmf.getKeyManagers(), null, null);
SSLServerSocketFactory ssf = sc.getServerSocketFactory();
SSLServerSocket s = (SSLServerSocket) ssf.createServerSocket(7000);
printServerSocketInfo(s);
SSLSocket c = (SSLSocket) s.accept();
printSocketInfo(c);
BufferedWriter w = new BufferedWriter(new OutputStreamWriter(c.getOutputStream()));
BufferedReader r = new BufferedReader(new InputStreamReader(c.getInputStream()));
//1th time
String m = "abcdefghj1234567890";
w.write(m, 0, m.length());
w.newLine();
w.flush();
//2th time
String m2 = "#abcdefghj1234567890";
w.write(m2, 0, m2.length());
w.newLine();
w.flush();
//3th time
String m3 = "?abcdefghj1234567890";
w.write(m3, 0, m3.length());
w.newLine();
w.flush();
while ((m = r.readLine()) != null) {
if (m.equals("."))
break;
char[] a = m.toCharArray();
int n = a.length;
for (int i = 0; i < n / 2; i++) {
char t = a[i];
a[i] = a[n - 1 - i];
a[n - i - 1] = t;
}
w.write(a, 0, n);
w.newLine();
w.flush();
}
w.close();
r.close();
c.close();
s.close();
} catch (Exception e) {
System.err.println(e.toString());
}
}
private static void printSocketInfo(SSLSocket s) {
System.out.println("Socket class: " + s.getClass());
System.out.println(" Remote address = " + s.getInetAddress().toString());
System.out.println(" Remote port = " + s.getPort());
System.out.println(" Local socket address = " + s.getLocalSocketAddress().toString());
System.out.println(" Local address = " + s.getLocalAddress().toString());
System.out.println(" Local port = " + s.getLocalPort());
System.out.println(" Need client authentication = " + s.getNeedClientAuth());
SSLSession ss = s.getSession();
System.out.println(" Cipher suite = " + ss.getCipherSuite());
System.out.println(" Protocol = " + ss.getProtocol());
}
private static void printServerSocketInfo(SSLServerSocket s) {
System.out.println("Server socket class: " + s.getClass());
System.out.println(" Socker address = " + s.getInetAddress().toString());
System.out.println(" Socker port = " + s.getLocalPort());
System.out.println(" Need client authentication = " + s.getNeedClientAuth());
System.out.println(" Want client authentication = " + s.getWantClientAuth());
System.out.println(" Use client mode = " + s.getUseClientMode());
}
}
答案 0 :(得分:2)
您似乎总是能够从另一方读取您在一个区块中发送的任何数据量。
这是一个常见错误,不是特定于SSL / TLS,而是与普通TCP通信有关。
你应该总是循环阅读你想要阅读的内容。您还应该定义协议(或使用现有协议)以考虑命令和请求/响应终止符。
例如, HTTP使用空行来表示标题的结尾以及Content-Length
标题或分块转移编码,以告诉收件人何时停止阅读正文。
SMTP使用行分隔命令,并使用单个.
作为邮件结尾。
答案 1 :(得分:1)
它是服务器端的Naggle算法和客户端TCP堆栈中的延迟ACK的组合。您还会发现两个数据包之间的延迟约为40毫秒。
禁用服务器端的Naggle算法以解决问题:
SSLSocket c = (SSLSocket) s.accept();
c.setTcpNoDelay(true);
有关为何出现这种情况的详细信息:http://www.stuartcheshire.org/papers/NagleDelayedAck/
编辑添加:请注意下面Bruno的回答。虽然这描述了您在此处看到的具体原因,但您无法保证从服务器获取数据的方式。
答案 2 :(得分:0)
我试图以两种方式解决我的问题,消息总是在第一个字符处中断,所以我决定在每个消息的开头添加三个空格并结束。因此,当客户端收到它们时,请对消息进行修改。 我发现的另一种方法是使用DataOutputStream,这是一个逐字节提供writeBytes的方法,在服务器上使用它,客户端在接收数据时有q更改,消息必须构建客户端处理以最终执行我想要的内容消息结束。感谢您的讨论!