Java Server SSL Socket和Python Client SSL套接字 - 服务器发送消息时出现问题

时间:2012-08-02 23:55:08

标签: java python ssl client

我正在尝试与服务器SSL套接字Java和客户端SSL套接字Python进行通信。发送的第一条消息是正常的,但是当服务器发送另一条消息时,客户端会收到分为两部分的消息。例如:如果服务器发送消息“abcdefghij”,则客户端首先接收“a”,然后接收“bcdefghij”。

有人知道为什么第一次收到消息后分两部分?问候。

客户端代码:

import socket, ssl, pprint
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
ssl_sock = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_NONE)
ssl_sock.connect(('localhost', 7000))
pprint.pprint(ssl_sock.getpeercert())

while(1):
    print "Waiting"
    data = ssl_sock.recv()  
    print "Received:", data
    data = ""

ssl_sock.close()

服务器代码:

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.security.KeyStore;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;


public class SslReverseEchoer {

    public static void main(String[] args) {
        char ksPass[] = "123456".toCharArray();
        char ctPass[] = "123456".toCharArray();

        try {
            KeyStore ks = KeyStore.getInstance("JKS");
            ks.load(new FileInputStream("keystore.jks"), ksPass);
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
            kmf.init(ks, ctPass);
            SSLContext sc = SSLContext.getInstance("TLS");
            sc.init(kmf.getKeyManagers(), null, null);
            SSLServerSocketFactory ssf = sc.getServerSocketFactory();
            SSLServerSocket s = (SSLServerSocket) ssf.createServerSocket(7000);
            printServerSocketInfo(s);
            SSLSocket c = (SSLSocket) s.accept();
            printSocketInfo(c);
            BufferedWriter w = new BufferedWriter(new OutputStreamWriter(c.getOutputStream()));
            BufferedReader r = new BufferedReader(new InputStreamReader(c.getInputStream()));
            //1th time
            String m = "abcdefghj1234567890";
            w.write(m, 0, m.length());
            w.newLine();
            w.flush();
            //2th time
            String m2 = "#abcdefghj1234567890";
            w.write(m2, 0, m2.length());
            w.newLine();
            w.flush();
            //3th time
            String m3 = "?abcdefghj1234567890";
            w.write(m3, 0, m3.length());
            w.newLine();
            w.flush();
            while ((m = r.readLine()) != null) {
                if (m.equals("."))
                    break;
                char[] a = m.toCharArray();
                int n = a.length;
                for (int i = 0; i < n / 2; i++) {
                    char t = a[i];
                    a[i] = a[n - 1 - i];
                    a[n - i - 1] = t;
                }
                w.write(a, 0, n);
                w.newLine();
                w.flush();
            }
            w.close();
            r.close();
            c.close();
            s.close();
        } catch (Exception e) {
            System.err.println(e.toString());
        }
    }

    private static void printSocketInfo(SSLSocket s) {
        System.out.println("Socket class: " + s.getClass());
        System.out.println("   Remote address = " + s.getInetAddress().toString());
        System.out.println("   Remote port = " + s.getPort());
        System.out.println("   Local socket address = " + s.getLocalSocketAddress().toString());
        System.out.println("   Local address = " + s.getLocalAddress().toString());
        System.out.println("   Local port = " + s.getLocalPort());
        System.out.println("   Need client authentication = " + s.getNeedClientAuth());
        SSLSession ss = s.getSession();
        System.out.println("   Cipher suite = " + ss.getCipherSuite());
        System.out.println("   Protocol = " + ss.getProtocol());
    }

    private static void printServerSocketInfo(SSLServerSocket s) {
        System.out.println("Server socket class: " + s.getClass());
        System.out.println("   Socker address = " + s.getInetAddress().toString());
        System.out.println("   Socker port = " + s.getLocalPort());
        System.out.println("   Need client authentication = " + s.getNeedClientAuth());
        System.out.println("   Want client authentication = " + s.getWantClientAuth());
        System.out.println("   Use client mode = " + s.getUseClientMode());
    }
}

3 个答案:

答案 0 :(得分:2)

您似乎总是能够从另一方读取您在一个区块中发送的任何数据量。

这是一个常见错误,不是特定于SSL / TLS,而是与普通TCP通信有关。

你应该总是循环阅读你想要阅读的内容。您还应该定义协议(或使用现有协议)以考虑命令和请求/响应终止符。

例如,

HTTP使用空行来表示标题的结尾以及Content-Length标题或分块转移编码,以告诉收件人何时停止阅读正文。

SMTP使用行分隔命令,并使用单个.作为邮件结尾。

答案 1 :(得分:1)

它是服务器端的Naggle算法和客户端TCP堆栈中的延迟ACK的组合。您还会发现两个数据包之间的延迟约为40毫秒。

禁用服务器端的Naggle算法以解决问题:

SSLSocket c = (SSLSocket) s.accept();
c.setTcpNoDelay(true);

有关为何出现这种情况的详细信息:http://www.stuartcheshire.org/papers/NagleDelayedAck/

编辑添加:请注意下面Bruno的回答。虽然这描述了您在此处看到的具体原因,但您无法保证从服务器获取数据的方式。

答案 2 :(得分:0)

我试图以两种方式解决我的问题,消息总是在第一个字符处中断,所以我决定在每个消息的开头添加三个空格并结束。因此,当客户端收到它们时,请对消息进行修改。 我发现的另一种方法是使用DataOutputStream,这是一个逐字节提供writeBytes的方法,在服务器上使用它,客户端在接收数据时有q更改,消息必须构建客户端处理以最终执行我想要的内容消息结束。感谢您的讨论!