jython 中的 SSL 非法状态异常

Posted

技术标签:

【中文标题】jython 中的 SSL 非法状态异常【英文标题】:SSL illegal state exception in jython 【发布时间】:2016-03-17 12:24:33 【问题描述】:

我经常收到以下错误,但并非总是如此,

in __call__ return self.__sendself.__name args File "/Lib/cvplibrary/SSLCertificateWrapper.py" line 51 in wrapped res = f*args **kwargs File "/Lib/jsonrpclib/jsonrpc.py" line 240 in _request response = self._run_requestrequest File "/Lib/jsonrpclib/jsonrpc.py" line 254 in _run_request response = self.__transport.request File "/Lib/xmlrpclib.py" line 1264 in request return self.single_requesthost handler request_body verbose File "/Lib/xmlrpclib.py" line 1292 in single_request self.send_contenth request_body File "/Lib/jsonrpclib/jsonrpc.py" line 129 in send_content connection.endheaders File "/Lib/httplib.py" line 997 in endheaders self._send_outputmessage_body File "/Lib/httplib.py" line 850 in _send_output self.sendmsg File "/Lib/httplib.py" line 812 in send self.connect File "/Lib/httplib.py" line 1204 in connect self.sock = ssl.wrap_socketsock self.key_file self.cert_file File "/Lib/_socket.py" line 357 in handle_exception return method_or_function*args **kwargs File "/Lib/_socket.py" line 357 in handle_exception return method_or_function*args **kwargs File "/Lib/ssl.py" line 287 in wrap_socket return SSLSocket File "/Lib/ssl.py" line 116 in __init__ self.do_handshake File "/Lib/ssl.py" line 165 in do_handshake raise SSLErrorSSL_ERROR_SSL e.strerror _socket.SSLError: [Errno 1] Illegal state exception

以下是我尝试使用 jython 执行的代码,

import jsonrpclib
url = 'https://user:password@localhost/'
ss = jsonrpclib.Server( url )
version = ss.runCmds("ifconfig" )
print version

我正在使用 jsonrpc 库,并在方法“_request”中添加了包装器,如下所示

@trust_all_certificates
def _request(self, methodname, params, rpcid=None):
    request = dumps(params, methodname, encoding=self.__encoding,
                    rpcid=rpcid, version=self.__version)
    response = self._run_request(request)
    check_for_errors(response)
    return response['result']

包装器取自:http://tech.pedersen-live.com/2010/10/trusting-all-certificates-in-jython/,如下所示,

def trust_all_certificates(f):
'''Decorator function that will make it so the context of the    decorated method
will run with our TrustManager that accepts all certificates'''
def wrapped(*args, **kwargs):
    # Only do this if running under Jython
    if 'java' in sys.platform:
        from javax.net.ssl import SSLContext
        SSLContext.setDefault(TRUST_ALL_CONTEXT)
        try:
            res = f(*args, **kwargs)
            return res
        finally:
            SSLContext.setDefault(DEFAULT_CONTEXT)
    else:
        return f(*args, **kwargs)
return wrapped

如何解决这个问题?

【问题讨论】:

【参考方案1】:

我通过增加 ssl.py 第 165 行(Jython 3.7 库)中的等待时间解决了这个问题

    time.sleep(0.005)  # Necessary apparently for the handler to get into a good state
    try:
        self._sock._handle_channel_future(handshake, "SSL handshake")
    except socket_error, e:
        raise SSLError(SSL_ERROR_SSL, e.strerror)

【讨论】:

【参考方案2】:

这是 SSL 底层实现 netty 中的竞争条件。该错误已在 netty 4.0.34 中得到解决,因此升级到 Jython 2.7.1rc1 将解决该问题(2.7.1b3 仍使用 netty 4.0.33)。

如果升级 Jython 不是一个选项,那么可以通过编辑 Lib/ssl.py 来解决一个小问题:

添加一个新类:

class RaceFreeSslHandler(SslHandler):
    def channelActive(self, ctx):
        self.ctx = ctx
        SslHandler.channelActive(self)

并将self.ssl_handler = SslHandler(self.engine) 更改为self.ssl_handler = RaceFreeSslHandler(self.engine)

来源:https://github.com/jythontools/jython/pull/29/files

Jython 问题:http://bugs.jython.org/issue2401

网络问题:https://github.com/netty/netty/issues/4705

【讨论】:

以上是关于jython 中的 SSL 非法状态异常的主要内容,如果未能解决你的问题,请参考以下文章

使用片段中的处理程序时出现非法状态异常

jython 2.7.0 中的 SSLHandshakeException [重复]

非法监控状态异常java

JPA 非法状态异常 - CascadeType 问题

mMap.addPolyline 抛出非法状态异常

javaFX Alert抛出无法捕获的非法状态异常?