OpenSSL错误 - 握手失败

时间:2013-11-05 10:57:14

标签: php apache api ssl

关于我对API发出的每一个请求,我都会收到此错误!?

API的后端是我自己的服务器之一,我自己设置了自签名SSL证书

这里发生了什么!?它不能是SSL证书,因为它在某些情况下有效

Warning:  fsockopen(): SSL operation failed with code 1. OpenSSL Error messages:
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure in

API请求代码

$Request = new Request();
$Request->host = $host;
$Request->api_secret = 'asdf39Sf3D';
$Request->send($url, $params);
echo $Request->get_result();

class Request {
    public $host;
    public $api_secret;

    public $boundary;
    public $body;

    private $response;
    private $url;

    const SSL = true;

    public function send($url, $post_vars=array()){
        $this->url = $url;

        $crlf = "\r\n";

        $host = $this->host;
        $port = 80;

        if(self::SSL){
            $host = 'ssl://'.$this->host;
            $port = 443;
        }

        if($this->body){
            $body = $this->body;
        }
        else{
            $post_vars['__api_hash'] = $this->generate_hash($this->url);
            $body = http_build_query($post_vars);
        }

        $content_length = strlen($body);

        $max_post = 1024 * 1024 * 20;
        if($content_length > $max_post){
            throw new Exception("Max post size exceeded");
        }

        if($fp = fsockopen($host, $port, $errno, $errstr, 20)){
            fwrite($fp, 'POST '.substr($this->url, strlen($this->host)).' HTTP/1.1'.$crlf
                .'Host: '.$this->host.$crlf
                .($this->body ? 'Content-type: multipart/form-data; boundary='.$this->boundary : 'Content-Type: application/x-www-form-urlencoded').$crlf
                .'Content-Length: '.$content_length.$crlf
                .'Connection: Close'.$crlf.$crlf
                .$body);

            while($line = fgets($fp)){
                if($line !== false){
                    $this->response .= $line;
                }
            }

            fclose($fp);
        }
        else{
            throw new Exception("$errstr ($errno)");
        }
    }

    public function get_response(){
        return $this->response;
    }

    public function get_result(){
        list($header, $content) = explode("\n\n", str_replace("\r\n", "\n", $this->response));

        preg_match('/^HTTP\/[\d\.]+ (\d+)/', $header, $matches);
        switch($matches[1]){
            case 404:
                throw new Exception('HTTP 404 '.$this->url);
        }

        return json_decode($content, true);
    }

    public function generate_hash(){
        return sha1($this->url.$this->api_secret);
    }
}

1 个答案:

答案 0 :(得分:3)

2009年有一个广为人知的SSL / TLS renegotiation issue。您可能会看到添加代码的结果,以防止不安全的重新协商。如果修补了通信的一端以修复不安全的重新协商问题,那么这也可能导致您看到的错误。双方都需要修补版本的SSL或两者都未修补。从OpenSSL changelog开始,您似乎至少需要v0.9.8m

查看Wamp2 and "The ordinal 942 could not be located in the dynamic link library LIBEAY.dll"您可能有WAMP附带的错误版OpenSSL。

相关问题
最新问题