使用python 2.7.13请求的ssl连接

时间:2017-07-08 13:02:25

标签: python ssl python-requests

我尝试使用python请求包通过SSL连接,我使用下面的代码。

resp = requests.get(addr , auth=HttpNtlmAuth(userFile[unum],passFile[pnum]) , headers = {'User-Agent':'Mozilla/4.01 (compatible; MSIE 6.0; Windows NT 5.1)'} , verify = False)

但每次我都遇到错误。

("bad handshake: SysCallError(-1, 'Unexpected EOF')",)

更新1:

我转储主机证书并将其保存到c.cert并在代码下面使用。

resp = requests.get(addr , auth=HttpNtlmAuth(userFile[unum],passFile[pnum]) , headers = {'User-Agent':'Mozilla/4.01 (compatible; MSIE 6.0; Windows NT 5.1)'} , cert = '/home/user/Desktop/c.cert' , verify = '/home/user/Desktop/c.cert')

和新错误。

[('PEM routines', 'PEM_read_bio', 'no start line'), ('SSL routines', 'SSL_CTX_use_PrivateKey_file', 'PEM lib')]

更新2:

这是Burp Suite捕获的内容。

(首先,会话创建):

GET /PATH HTTP/1.1
Host: HOST
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Cookie: ASPSESSIONIDCQCTCTCQ=EPEHGDDAKOINODAJJKCELEOK
DNT: 1
Connection: close
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0

(其次,使用凭证时):

GET /PATH HTTP/1.1
Host: HOST
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Cookie: ASPSESSIONIDCQCTCTCQ=EPEHGDDAKOINODAJJKCELEOK
DNT: 1
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
Authorization: NTLM TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=
Connection: close

(第三,证书错误)

GET /PATH HTTP/1.1
Host: HOST
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Cookie: ASPSESSIONIDCQCTCTCQ=EPEHGDDAKOINODAJJKCELEOK
DNT: 1
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAGAAAACIAIgAeAAAAAAAAABAAAAACgAKAEAAAAAWABYASgAAAAAAAAAAAAAABYIIAGEAZABtAGkAbgBXAE8AUgBLAFMAVABBAFQASQBPAE4Ao8+kG6lMZcLmQys5IUkpayq+W1VFZPkjUQjxBhzugt88vU6RR3wahQEBAAAAAAAAgPonWPz30gGr58MfeUgvgQAAAAACABIAVwBFAEIAUwBFAFIAVgBFAFIAAQASAFcARQBCAFMARQBSAFYARQBSAAQAEgBXAEUAQgBTAEUAUgBWAEUAUgADABIAVwBFAEIAUwBFAFIAVgBFAFIAAAAAAA==
Connection: close

使用不带HTTPS的网址时,会向我显示以下自定义错误的网页

错误请求(无效主机名)

1 个答案:

答案 0 :(得分:-1)

也许你需要创建一个SSL上下文,并将其传递给请求。 

import ssl
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2) #if you need TLS v1.2

然后,将此上下文var传递给requests方法。如果是可选的关键字参数,请命名为context。所以,电话会是这样的:

resp = requests.get(addr, ...., context=context)

相关问题
最新问题