Ruby / SSL:sslv3警报握手失败

时间:2014-01-29 14:15:28

标签: ruby ssl https

请注意我已经在这里回顾了很多关于这个问题的文章,我展示的示例/示例代码是我根据我的阅读尝试过的十几种变体之一。所以请不要RTFM等。

我正在编写一个简单的ruby脚本来登录/注销Web应用程序。不幸的是它是https,在我的尝试中,似乎ssl比我想象的更难“简单编程”场景。

我正在库存Kali安装上运行此脚本。我正在使用Ruby 1.9.1。我得到的错误是:

/usr/lib/ruby/1.9.1/net/http.rb:799:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert handshake failure (OpenSSL::SSL::SSLError)
    from /usr/lib/ruby/1.9.1/net/http.rb:799:in `block in connect'
    from /usr/lib/ruby/1.9.1/timeout.rb:54:in `timeout'
    from /usr/lib/ruby/1.9.1/timeout.rb:99:in `timeout'
    from /usr/lib/ruby/1.9.1/net/http.rb:799:in `connect'
    from /usr/lib/ruby/1.9.1/net/http.rb:755:in `do_start'
    from /usr/lib/ruby/1.9.1/net/http.rb:744:in `start'
    from ./capture_ids.rb:27:in `block in <main>'
    from ./capture_ids.rb:18:in `each'
    from ./capture_ids.rb:18:in `<main>'

这是我的红宝石脚本:

#!/usr/bin/env ruby

require 'net/http'
require 'net/https'
require 'openssl'

puts OpenSSL::OPENSSL_VERSION
puts "SSL_CERT_FILE: %s" % OpenSSL::X509::DEFAULT_CERT_FILE
puts "SSL_CERT_DIR: %s" % OpenSSL::X509::DEFAULT_CERT_DIR

login_str = "https://192.168.0.251/~login_handler?UserName=foo&Password=bar"
logout_str = "https://192.168.0.251/~logout_handler?session_id="

seqids = Array.new

puts "Starting capture..."
puts "Staring loop..."
for num in 0..2 do
        puts "doing iteration #{num}"
        uri = URI.parse(login_str)
        https = Net::HTTP.new(uri.host, uri.port)
        https.use_ssl = true
#       https.cert_store = OpenSSL::X509::Store.new
#       https.cert_store.set_default_paths
        https.verify_mode = OpenSSL::SSL::VERIFY_NONE
        req = Net::HTTP::Post.new(uri.path)
        https.start {
                res = https.request(req)
        }
#       puts "*********** Here is the response ***************"
#       puts res
#       puts "*********** End of response ********************"
        start_pt = res.index("name=")
        end_pt = res.index(" src=")
        seq_id = res.slice(start_pt, end_pt)
        puts "Sequence id is " + seq_id
        seqids << seq_id
        uri = URI.parse(logout_str)
        https = Net::HTTP::new(uri.host, uri.port)
        https.use_ssl = true
#       https.cert_store = OpenSSL::X509::Store.new
#       https.cert_store.set_default_paths
        https.verify_mode = OpenSSL::SSL::VERIFY_NONE
        req = Net::HTTP::Get.new(uri.path)
        https.start {
                https.request(req)
        }
end

我的SSL目录/证书是:

SSL_CERT_FILE:/usr/lib/ssl/cert.pem SSL_CERT_DIR:/ usr / lib / ssl / certs

是的,我确认有事情存在。我也尝试下载新的cert文件和ca文件并使用它们并将它们放在那里。 我必须动摇什么神奇的ju ju珠?

0 个答案:

没有答案
相关问题
最新问题