我正在尝试在Python中建立一个安全的套接字连接,但我握手失败。这就是我一直在尝试的:
import socket
import ssl
# CREATE SOCKET
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# WRAP SOCKET
wrappedSock = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv23, ciphers="ADH-AES256-SHA")
# CONNECT AND PRINT REPLY
wrappedSock.connect(('www.google.com.hk', 443))
wrappedSock.send('''GET / HTTP/1.1
Host: www.google.com.hk
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.75 Safari/537.36
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
''')
buf = wrappedSock.recv(1024)
while len(buf):
print buf
buf = wrappedSock.recv(1024)
警告错误:
Traceback (most recent call last):
File "C:/Users/Administrator/Desktop/test.py", line 8, in <module>
wrappedSock.connect(('www.google.com.hk', 443))
File "C:\Python27\lib\ssl.py", line 876, in connect
self._real_connect(addr, False)
File "C:\Python27\lib\ssl.py", line 867, in _real_connect
self.do_handshake()
File "C:\Python27\lib\ssl.py", line 840, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:661)
我的环境:
Python 2.7.13
pyOpenSSL (16.2.0)
ndg-httpsclient (0.4.3)
pyasn1 (0.2.2)
pyasn1-modules (0.0.8)
我也试过“ssl_version = ssl.PROTOCOL_TLSv1”并且它有同样的错误。希望有人可以提供帮助。
答案 0 :(得分:0)
wrappedSock = ssl.wrap_socket(... ciphers="ADH-AES256-SHA")
...
wrappedSock.connect(('www.google.com.hk', 443))
您尝试访问的服务器不支持您指定的密码。几乎没有服务器支持ADH密码,因为它们不会对服务器进行身份验证,因此可以在中间攻击中轻松打开。
目前还不清楚你为什么要特意使用这个密码。但我建议您只需跳过ciphers参数,以便它使用默认密码。