jython 中的 SSL 非法状态异常
Posted
技术标签:
【中文标题】jython 中的 SSL 非法状态异常【英文标题】:SSL illegal state exception in jython 【发布时间】:2016-03-17 12:24:33 【问题描述】:我经常收到以下错误,但并非总是如此,
in __call__ return self.__sendself.__name args File "/Lib/cvplibrary/SSLCertificateWrapper.py" line 51 in wrapped res = f*args **kwargs File "/Lib/jsonrpclib/jsonrpc.py" line 240 in _request response = self._run_requestrequest File "/Lib/jsonrpclib/jsonrpc.py" line 254 in _run_request response = self.__transport.request File "/Lib/xmlrpclib.py" line 1264 in request return self.single_requesthost handler request_body verbose File "/Lib/xmlrpclib.py" line 1292 in single_request self.send_contenth request_body File "/Lib/jsonrpclib/jsonrpc.py" line 129 in send_content connection.endheaders File "/Lib/httplib.py" line 997 in endheaders self._send_outputmessage_body File "/Lib/httplib.py" line 850 in _send_output self.sendmsg File "/Lib/httplib.py" line 812 in send self.connect File "/Lib/httplib.py" line 1204 in connect self.sock = ssl.wrap_socketsock self.key_file self.cert_file File "/Lib/_socket.py" line 357 in handle_exception return method_or_function*args **kwargs File "/Lib/_socket.py" line 357 in handle_exception return method_or_function*args **kwargs File "/Lib/ssl.py" line 287 in wrap_socket return SSLSocket File "/Lib/ssl.py" line 116 in __init__ self.do_handshake File "/Lib/ssl.py" line 165 in do_handshake raise SSLErrorSSL_ERROR_SSL e.strerror _socket.SSLError: [Errno 1] Illegal state exception
以下是我尝试使用 jython 执行的代码,
import jsonrpclib
url = 'https://user:password@localhost/'
ss = jsonrpclib.Server( url )
version = ss.runCmds("ifconfig" )
print version
我正在使用 jsonrpc 库,并在方法“_request”中添加了包装器,如下所示
@trust_all_certificates
def _request(self, methodname, params, rpcid=None):
request = dumps(params, methodname, encoding=self.__encoding,
rpcid=rpcid, version=self.__version)
response = self._run_request(request)
check_for_errors(response)
return response['result']
包装器取自:http://tech.pedersen-live.com/2010/10/trusting-all-certificates-in-jython/,如下所示,
def trust_all_certificates(f):
'''Decorator function that will make it so the context of the decorated method
will run with our TrustManager that accepts all certificates'''
def wrapped(*args, **kwargs):
# Only do this if running under Jython
if 'java' in sys.platform:
from javax.net.ssl import SSLContext
SSLContext.setDefault(TRUST_ALL_CONTEXT)
try:
res = f(*args, **kwargs)
return res
finally:
SSLContext.setDefault(DEFAULT_CONTEXT)
else:
return f(*args, **kwargs)
return wrapped
如何解决这个问题?
【问题讨论】:
【参考方案1】:我通过增加 ssl.py 第 165 行(Jython 3.7 库)中的等待时间解决了这个问题
time.sleep(0.005) # Necessary apparently for the handler to get into a good state
try:
self._sock._handle_channel_future(handshake, "SSL handshake")
except socket_error, e:
raise SSLError(SSL_ERROR_SSL, e.strerror)
【讨论】:
【参考方案2】:这是 SSL 底层实现 netty 中的竞争条件。该错误已在 netty 4.0.34 中得到解决,因此升级到 Jython 2.7.1rc1 将解决该问题(2.7.1b3 仍使用 netty 4.0.33)。
如果升级 Jython 不是一个选项,那么可以通过编辑 Lib/ssl.py
来解决一个小问题:
添加一个新类:
class RaceFreeSslHandler(SslHandler):
def channelActive(self, ctx):
self.ctx = ctx
SslHandler.channelActive(self)
并将self.ssl_handler = SslHandler(self.engine)
更改为self.ssl_handler = RaceFreeSslHandler(self.engine)
来源:https://github.com/jythontools/jython/pull/29/files
Jython 问题:http://bugs.jython.org/issue2401
网络问题:https://github.com/netty/netty/issues/4705
【讨论】:
以上是关于jython 中的 SSL 非法状态异常的主要内容,如果未能解决你的问题,请参考以下文章