httplib drops ssl connection to MS IIS Server
Ng Pheng Siong
ngps at vista.netmemetic.com
Tue Apr 16 11:35:35 EDT 2002
According to Jon Ribbens <jon+usenet at unequivocal.co.uk>:
> In article <mailman.1018741166.19994.python-list at python.org>, Marco Caamano wrote:
> > socket.sslerror: (5, 'EOF occurred in violation of protocol')
>
> It is a bug in MS IIS, it just closes the SSL socket rather than going
> through the SSL shutdown negotiation. I don't think you can work
> around this using httplib.
Nobody is accusing MS IIS of being bug-free, but I think in this instance
the bug is with Python's SSL. Here's a slightly-reworked version of the
OP's code that uses M2Crypto.httpslib.HTTPSConnection:
from M2Crypto import SSL, httpslib
def testurl3():
ctx = SSL.Context()
ctx.set_info_callback()
print '\n\nUsing HTTPS request'
body = '\202test'
hs = httpslib.HTTPSConnection('209.154.200.218', 443, ssl_context=ctx)
hs.set_debuglevel(4)
hs.putrequest('POST', '/scripts/gateway.dll?Transact')
hs.putheader('Content-Type', 'x-Visa-II/x-auth')
hs.putheader('Content-Length', str(len(body)))
hs.endheaders()
hs.send(body)
resp = hs.getresponse()
print resp.read()
return
if __name__ == '__main__':
testurl3()
Running it gives the following output:
----------
Using HTTPS request
LOOP: SSL connect: before/connect initialization
LOOP: SSL connect: SSLv2/v3 write client hello A
LOOP: SSL connect: SSLv3 read server hello A
LOOP: SSL connect: SSLv3 read server certificate A
LOOP: SSL connect: SSLv3 read server done A
LOOP: SSL connect: SSLv3 write client key exchange A
LOOP: SSL connect: SSLv3 write change cipher spec A
LOOP: SSL connect: SSLv3 write finished A
LOOP: SSL connect: SSLv3 flush data
LOOP: SSL connect: SSLv3 read finished A
INFO: SSL connect: SSL negotiation finished successfully
send: 'POST /scripts/gateway.dll?Transact HTTP/1.1\r\n'
send: 'Host: 209.154.200.218:443\r\n'
send: 'Accept-Encoding: identity\r\n'
send: 'Content-Type: x-Visa-II/x-auth\r\n'
send: 'Content-Length: 5\r\n'
send: '\r\n'
send: '\x82test'
reply: 'HTTP/1.1 100 Continue\r\n'
header: Server: Microsoft-IIS/4.0
header: Date: Tue, 16 Apr 2002 15:42:50 GMT
ALERT: write: warning: close notify
----------
The "LOOP", "INFO", etc. stuff shows SSL protocol negotiation in action.
No protocol violation.
M2Crypto also wraps OpenSSL. Does a better job than the current Python's,
if I do say so myself. ;-)
> This is discussed in SourceForge bug id 494762. That was closed
> without fix so I have opened a new one 544234.
Perhaps an interested party may wish to explore grafting M2Crypto's
ssl_read() and ssl_write() routines to Python's socket module. I am busy
bootstrapping my start-up, so I can't commit any effort to this, sorry.
Alternatively, just use M2Crypto.
--
Ng Pheng Siong <ngps at netmemetic.com> * http://www.netmemetic.com
More information about the Python-list
mailing list