我正在尝试使用基于SSL的套接字在我的Python程序中进行安全的数据传输。在主机运行并在特定端口上侦听之后,我尝试运行客户端,但是socket.create_connection()失败并显示此错误:
请注意,两台计算机能够成功通信(没有防火墙问题等)。这是通过WAN进行的,并且我确实具有端口转发设置。
错误:
line 39, in __init__
self.clientSocket = socket.create_connection((destinationAddress,destinationPort), None)
File "C:\Users\HIFI\AppData\Local\Programs\Python\Python37-32\lib\socket.py", line 727, in create_connection
raise err
File "C:\Users\HIFI\AppData\Local\Programs\Python\Python37-32\lib\socket.py", line 716, in create_connection
sock.connect(sa)
TimeoutError: [WinError 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond
客户:
context = ssl.create_default_context()
self.clientSocket=socket.create_connection((destinationAddress,destinationPort), None)
self.ssock = context.wrap_socket(self.clientSocket,server=destinationAddress)
ssockVersion = self.ssock.version()
主机设置:
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain(pemPath,keyPath)
theSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM,0)
theSocket.settimeout(None)
theSocket.bind(('127.0.0.1',port))
theSocket.listen(numBufferedConnections)
ssock = context.wrap_socket(theSocket, server_side=True)
self.hostSocket = ssock
主机接受:
hostSocket = self.hostSocket
while True:
clientConnection = hostSocket.accept()
clientAddress = clientConnection[1]
Python文档宿主示例(https://docs.python.org/3/library/ssl.html):
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain('/path/to/certchain.pem', '/path/to/private.key')
with socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) as sock:
sock.bind(('127.0.0.1', 8443))
sock.listen(5)
with context.wrap_socket(sock, server_side=True) as ssock:
conn, addr = ssock.accept()
...
Python文档客户端示例(https://docs.python.org/3/library/ssl.html):
import socket
import ssl
hostname = 'www.python.org'
context = ssl.create_default_context()
with socket.create_connection((hostname, 443)) as sock:
with context.wrap_socket(sock, server_hostname=hostname) as ssock:
print(ssock.version())
* EDIT / 解决方案:代码的create_connection部分无法连接到服务器,因为绑定部分必须为0.0.0.0或'',而不是127.0.0.1。 / p>
我将打开一个新线程来解决另一个问题。另一个问题与现已解决的原始问题分开了:
但是,现在还有另一个问题。我一直在看论坛帖子,并尝试了以下解决方案,这是公认的解决方案。但这是行不通的。
问题:
self.ssock = context.wrap_socket(self.clientSocket, server_hostname=destinationAddress)
File "C:\Users\HIFI\AppData\Local\Programs\Python\Python37-32\lib\ssl.py", line 423, in wrap_socket
session=session
File "C:\Users\HIFI\AppData\Local\Programs\Python\Python37-32\lib\ssl.py", line 870, in _create
self.do_handshake()
File "C:\Users\HIFI\AppData\Local\Programs\Python\Python37-32\lib\ssl.py", line 1139, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1076)
我尝试过但没有用的解决方案是:
#To fix certificate issue
try:
_create_unverified_https_context = ssl._create_unverified_context
except AttributeError:
# Legacy Python that doesn't verify HTTPS certificates by default
pass
else:
# Handle target environment that doesn't support HTTPS verification
ssl._create_default_https_context = _create_unverified_https_context