Question

我一直在通过LWP :: UserAgent研究HTTPS 500错误的问题。我已经尝试500 error with LWP:UserAgent中的所有内容都无济于事。

我在同一台服务器上有两个Perl库（系统和我自己的）。我自己的图书馆是最新的，但不起作用。

Perl v 5.10.1
IO::Socket::SSL v 2.022
LWP::UserAgent v 6.15
LWP::Protocol::https v 6.06

所有内容均大于参考帖子中建议的内容。

当我通过跟踪运行时，我得到：

DEBUG: .../IO/Socket/SSL.pm:2688: new ctx 26906416
DEBUG: .../IO/Socket/SSL.pm:605: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:607: socket connected
DEBUG: .../IO/Socket/SSL.pm:629: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:662: using SNI with hostname zscaler.edwardjones.com
DEBUG: .../IO/Socket/SSL.pm:697: request OCSP stapling
DEBUG: .../IO/Socket/SSL.pm:716: set socket to non-blocking to enforce timeout=180
DEBUG: .../IO/Socket/SSL.pm:729: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:732: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:742: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:752: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:772: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:729: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:732: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:735: local error: SSL connect attempt failed
DEBUG: .../IO/Socket/SSL.pm:738: fatal SSL error: SSL connect attempt failed
DEBUG: ...erl5/Net/HTTPS.pm:69: ignoring less severe local error 'IO::Socket::INET configuration failed', keep 'SSL connect attempt failed'
DEBUG: .../IO/Socket/SSL.pm:2721: free ctx 26906416 open=26906416
DEBUG: .../IO/Socket/SSL.pm:2726: free ctx 26906416 callback
DEBUG: .../IO/Socket/SSL.pm:2733: OK free ctx 26906416

我使用了数据包捕获并发现它使用安全套接字层 - ＆gt; SSL记录层。较旧的系统库使用安全套接字层 - ＆gt; TLSv1记录层。失败的包是> 254字节，但我使用更新的Perl代码。

我已经尝试过verify_hostname 0和1而没有任何变化我试过SSL_Version =＆gt; TLSv1没有变化。

以下是代码：

#!/usr/bin/perl

use strict;
use warnings;

use lib '/opt/mylib/lib/perl5';

use Data::Dumper;
use LWP::UserAgent;
use HTTP::Request;
use JSON;

use Net::SSLeay;
$Net::SSLeay::trace = 2;
$Net::SSLeay::ssl_version = 10;  #-- force TLSv1

use IO::Socket::SSL;
$IO::Socket::SSL::DEBUG = 3;

use constant {
    TOKEN              => 'xxxx-yyyy-aaaa',
    GET_URI   => 'https://support.myvendor.com',
};

my $useragent = LWP::UserAgent->new( ssl_opts => { verify_hostname => 0 }, cookie_jar => {} );
$useragent->proxy ('https', 'https://my.proxy.com:443');
$useragent->ssl_opts( SSL_version => 'TLSv1');

sendRequest ('MyData');

exit 1;

sub sendRequest {
    my ($data) = @_;
    my $request = HTTP::Request->new('POST', GET_URI);
    $request->header('Content-Type' => 'application/json');
    my $json = encode_json {
        'Token' => TOKEN,
        'Data' => $data
    };
    $request->content($json);
    my $response = $useragent->request($request);
    if (!$response->is_success) {
        print Data::Dumper->Dump([$response], [qw($response)]);
        return;
    }

    eval { $json = decode_json $response->content; 1 } or do {
        print Data::Dumper->Dump([$response], [qw($response)]);
        return;
    };

    print Data::Dumper->Dump([$json], [qw($json)]);
    return;
}

我无法弄清楚这一点。请帮忙

2016年6月2日更新：

如果我设置SSL_hostname =“”，这就是我得到的：

DEBUG: .../IO/Socket/SSL.pm:2688: new ctx 38074176
DEBUG: .../IO/Socket/SSL.pm:605: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:607: socket connected
DEBUG: .../IO/Socket/SSL.pm:629: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:665: not using SNI because hostname is unknown
DEBUG: .../IO/Socket/SSL.pm:697: request OCSP stapling
DEBUG: .../IO/Socket/SSL.pm:716: set socket to non-blocking to enforce timeout=180
DEBUG: .../IO/Socket/SSL.pm:729: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:732: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:742: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:752: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:772: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:729: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:2589: did not get stapled OCSP response
DEBUG: .../IO/Socket/SSL.pm:2542: ok=1 [2] /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
DEBUG: .../IO/Socket/SSL.pm:2542: ok=1 [1] /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
DEBUG: .../IO/Socket/SSL.pm:2542: ok=1 [0] /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA/C=US/ST=California/L=San Jose/O=Zscaler, Inc./CN=*.zscaler.net
DEBUG: .../IO/Socket/SSL.pm:2543: local error: Cannot determine peer hostname for verification
DEBUG: .../IO/Socket/SSL.pm:732: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:735: SSL connect attempt failed

DEBUG: .../IO/Socket/SSL.pm:735: ignoring less severe local error 'SSL connect attempt failed error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed', keep 'Cannot determine peer hostname for verification'
DEBUG: .../IO/Socket/SSL.pm:738: fatal SSL error: Cannot determine peer hostname for verification
DEBUG: ...erl5/Net/HTTPS.pm:69: ignoring less severe local error 'IO::Socket::INET configuration failed', keep 'Cannot determine peer hostname for verification'
DEBUG: .../IO/Socket/SSL.pm:2721: free ctx 38074176 open=38074176
DEBUG: .../IO/Socket/SSL.pm:2726: free ctx 38074176 callback
DEBUG: .../IO/Socket/SSL.pm:2733: OK free ctx 38074176

如果我没有设置SSL_hostname，这就是我得到的。请注意，SNI主机名是我的代理人 - 是吗？它不应该是最终主持人吗？

DEBUG: .../IO/Socket/SSL.pm:2688: new ctx 30971328
DEBUG: .../IO/Socket/SSL.pm:605: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:607: socket connected
DEBUG: .../IO/Socket/SSL.pm:629: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:662: using SNI with hostname my.proxy.com
DEBUG: .../IO/Socket/SSL.pm:697: request OCSP stapling
DEBUG: .../IO/Socket/SSL.pm:716: set socket to non-blocking to enforce timeout=180
DEBUG: .../IO/Socket/SSL.pm:729: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:732: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:742: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:752: waiting for fd to become ready: SSL wants a read first

经过更多研究，我发现我有verify_hostname =＆gt; 1当我设置SSL_hostname =''时。我尝试使用verify = 0并稍微进一步。我想这意味着我能够通过我的代理并与终端服务器通信？它仍然不像旧库那样工作。

DEBUG: .../IO/Socket/SSL.pm:2688: new ctx 44513104
DEBUG: .../IO/Socket/SSL.pm:605: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:607: socket connected
DEBUG: .../IO/Socket/SSL.pm:629: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:665: not using SNI because hostname is unknown
DEBUG: .../IO/Socket/SSL.pm:716: set socket to non-blocking to enforce timeout=180
DEBUG: .../IO/Socket/SSL.pm:729: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:732: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:742: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:752: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:772: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:729: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:732: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:742: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:752: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:772: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:729: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:732: done Net::SSLeay::connect -> 1
DEBUG: .../IO/Socket/SSL.pm:787: ssl handshake done
DEBUG: .../IO/Socket/SSL.pm:2721: free ctx 44513104 open=44513104
DEBUG: .../IO/Socket/SSL.pm:2733: OK free ctx 44513104
$response = bless( {
                     '_content' => 'Server closed connection without sending any data back at /opt/ejvfortiprov/lib/perl5/Net/HTTP/Methods.pm line 399.
',
                     '_rc' => 500,

Answer 1

没有解决方案，但也许是一种解决方法：尝试使用curl而不是libwww，例如My coding picture.或WWW::Curl（看起来它与int a = nextInt();具有相同的界面）

LWP :: UserAgent第2部分出现500错误

1 个答案: