我正在尝试从BingAds网址下载.zip文件,并且正在努力绕过此错误:
Connection reset by peer - SSL_connect
我目前正在通过另一个应用程序在生产中运行此代码,但我正在使用nitrous.io在chromebook上运行新应用程序并运行默认的rails安装(亚硝基盒)。
目前在其他应用中使用的代码:
class BingApi
def self.get_data(request_params={})
require 'zip'
#Acquire Bing report download URL
report_url = BingApi.acquire_report_url(report_request_id, request_params)
zip_file = open(report_url)
unzippedxml = Zip::File.open(zip_file) # open zip
entry = unzippedxml.entries.reject(&:directory?).first # take first non-directory
entry.get_input_stream{|is| is.read } # read file contents
end
report_url
看起来像:https://download.api.bingads.microsoft.com/ReportDownload/Download.aspx?q=cWmkJ72lVlzGEG%2fouLL8Xes2j6I5qVhLrnTqNIrW ....
访问时,会提示下载.zip文件,我解压缩然后再解析。
然而,使用nitrous box的chromebook上的相同代码给我Connection reset by peer - SSL_connect
错误
Errno::ECONNRESET - Connection reset by peer - SSL_connect:
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/net/http.rb:920:in `block in connect'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/timeout.rb:76:in `timeout'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/net/http.rb:920:in `connect'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/net/http.rb:863:in `do_start'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/net/http.rb:852:in `start'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:313:in `open_http'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:724:in `buffer_open'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:210:in `block in open_loop'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:208:in `open_loop'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:149:in `open_uri'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:704:in `open'
/home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:34:in `open'
lib/bing_api.rb:25:in `get_data'
lib/bing_api.rb:224:in `get_and_parse'
我一直在尝试各种不同的解决方案:
zip_file = open(report_url, :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE)
OR
zip_file = Faraday.get(report_url, :ssl => false)
最后我通过使用:
来绕过它uri = URI.parse(report_url)
https = Net::HTTP.new(uri.host, uri.port)
https.open_timeout = 5
https.use_ssl = true
https.ssl_version = 'SSLv3'
request = Net::HTTP::Get.new(uri.request_uri)
zip_file = https.request(request)
但我无法将zip_file
传递给unzippedxml = Zip::File.open(zip_file)
,或者我收到no implicit conversion of Net::HTTPOK into String
TypeError。
我在这里错过了一些简单的东西吗?我应该使用zip_file.class => Net::HTTPOK
对象做些不同的事情吗?
我尝试调用zip_file.body
但是如果您在解压缩之前尝试在编辑器中打开压缩文件,那么返回的内容就像您所看到的那样。
答案 0 :(得分:4)
服务器坏了。
它仅支持显式TLS1.0和SSL3.0握手,不支持常用和最兼容的SSLv23握手。即使使用明确的TLS1.0握手,如果包含错误或过多的密码,它也会失败。 analyze.pl的相关输出:
* version SSLv23, no verification, ciphers= -> FAIL! SSL wants a read first
* version SSLv23, no verification, ciphers=HIGH:ALL -> FAIL! SSL wants a read first
* version TLSv1_2, no verification, ciphers= -> FAIL! SSL wants a read first
* version TLSv1_2, no verification, ciphers=HIGH:ALL -> FAIL! SSL wants a read first
* version TLSv1_1, no verification, ciphers= -> FAIL! SSL connect attempt failed error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
* version TLSv1_1, no verification, ciphers=HIGH:ALL -> FAIL! SSL wants a read first
* version TLSv1 no verification, ciphers= -> TLSv1,AES256-SHA
* version TLSv1, no verification, ciphers=HIGH:ALL -> FAIL! SSL wants a read first
* version SSLv3 no verification, ciphers= -> SSLv3,AES256-SHA
* version SSLv3 no verification, ciphers=HIGH:ALL -> SSLv3,AES256-SHA
* supported SSL versions with handshake used and preferred cipher(s):
* handshake protocols ciphers
* SSLv23 FAILED: SSL wants a read first
* TLSv1_2 FAILED: SSL wants a read first
* TLSv1_1 FAILED: SSL connect attempt failed error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number SSL wants a read first
* TLSv1 TLSv1 AES256-SHA
* SSLv3 SSLv3 AES256-SHA
在这里可以看到SSLv23,TLSv1_2和TLSv1_1握手不起作用,并且TLSv1握手确实有效,但如果密码为HIGH则不行:所有(可能包含太多密码或可能包含意外密码)。然后SSLv3握手可以稳定工作。
浏览器通过尝试多次同时缓慢降级握手中使用的SSL / TLS协议版本来解决此类行为。但除了浏览器之外,其他任何人都没有这样做。因此,除非专门配置为对此服务器使用TLS1.0或SSL3.0握手,否则任何其他应用程序通常都会失败。
但是我无法将zip_file传递给unzippedxml = Zip :: File.open(zip_file),或者我没有将Net :: HTTPOK隐式转换为String TypeError。
至少您提供的网址只返回404未找到。请检查您是否确实获得了ZIP文件。我不知道这个服务器,但通常这些下载链接是动态创建的,并且只有在你之前访问过其他网站并在那里获得cookie或类似的东西将URL绑定到浏览器会话时才有效。 / p>