ããã«ã¡ã¯
ããã¯ãSSLããªã¯ãšã¹ãã§æ©èœããªããšããå€ã話ã§ãããããã«äžæ©é²ãã§ããŸã... Dockerã³ã³ãã
ãªã¯ãšã¹ãã䜿çšããã¢ããªã±ãŒã·ã§ã³ããããããŒã«ã«ãã·ã³ã§ã¯æ£åžžã«åäœããŸãããDockerã³ã³ãããŒã«ãããã€ãããšããªã¯ãšã¹ãã¢ãžã¥ãŒã«ã§ãšã©ãŒãçºçããŸãïŒSSLãšã©ãŒïŒ
[2017-03-31 11ïŒ32ïŒ29,863]ã¢ããªã®ãšã©ãŒïŒ/ send [POST]ã®äŸå€
ãã¬ãŒã¹ããã¯ïŒæåŸã®æåŸã®åŒã³åºãïŒïŒ
ãã¡ã€ã« "/usr/local/lib/python2.7/dist-packages/flask/app.py"ãè¡1982ãwsgi_app
response = self.full_dispatch_requestïŒïŒ
ãã¡ã€ã«ã/usr/local/lib/python2.7/dist-packages/flask/app.pyãã1614è¡ç®ãfull_dispatch_request
rv = self.handle_user_exceptionïŒeïŒ
ãã¡ã€ã« "/usr/local/lib/python2.7/dist-packages/flask/app.py"ã1517è¡ç®ãhandle_user_exception
reraiseïŒexc_typeãexc_valueãtbïŒ
ãã¡ã€ã«ã/usr/local/lib/python2.7/dist-packages/flask/app.pyãã1612è¡ç®ãfull_dispatch_request
rv = self.dispatch_requestïŒïŒ
ãã¡ã€ã« "/usr/local/lib/python2.7/dist-packages/flask/app.py"ã1598è¡ç®ãdispatch_request
self.view_functionsrule.endpointãè¿ããŸã
sendrequestã®ãã¡ã€ã« "app.py"ã62è¡ç®
response = sess.postïŒurlãparamsãheaders = hãverify = FalseïŒ
ãã¡ã€ã« "/usr/local/lib/python2.7/dist-packages/requests/sessions.py"ã535è¡ç®ãæçš¿
self.requestïŒ 'POST'ãurlãdata = dataãjson = jsonã * kwargsïŒãè¿ããŸããã¡ã€ã« "/usr/local/lib/python2.7/dist-packages/requests/sessions.py"ãè¡488ããªã¯ãšã¹ãresp = self.sendïŒprepã* send_kwargsïŒ
ãã¡ã€ã« "/usr/local/lib/python2.7/dist-packages/requests/sessions.py"ãè¡609ãéä¿¡
r = adapter.sendïŒrequestã** kwargsïŒ
ãã¡ã€ã« "/usr/local/lib/python2.7/dist-packages/requests/adapters.py"ãè¡497ãéä¿¡
SSLErrorïŒeãrequest = requestïŒãçºçãããŸã
SSLError ïŒïŒ "äžæ£ãªãã³ãã·ã§ã€ã¯ïŒSysCallErrorïŒ-1ã 'äºæããªãEOF'ïŒ"ãïŒ
openSSLã«é¢é£ããŠããå¯èœæ§ããããšèããŸããã ãããã©ã®ããã«è§£æ±ºã§ãããã«ã€ããŠã®ã¢ã€ãã¢ã¯ãããŸããïŒ äŸåé¢ä¿ãå«ããå¿ èŠããããŸããïŒ
ã³ã³ããã§openssl version
ãå®è¡ã§ããŸããïŒ
ãããééããªãPythonã®ããŒãžã§ã³ã«é¢é£ããŠããå¯èœæ§ããããŸãããããç¥ãããã§ãã
ããã«ã¡ã¯
Python 2.7ïŒ12ïŒ
Openssl 1.0.2g
ããããšã
ã³ã³ããå ãšå€éšã§åãããŒãžã§ã³ã®ãªã¯ãšã¹ããå®è¡ããŠããŸããïŒ 2ã€ã®ããŒãžã§ã³ã¯äœã§ããïŒ
äœæ¥äžã¯2.11.1ãã³ã³ããå ã¯2..12.5ã éãã¯ãããŸããïŒ
ããããããã®2ã€ã®ããŒãžã§ã³ã®éã«ã¯ããã€ãã®ãŸãšããªã³ãŒãå€æŽããããŸãã ã³ã³ããã§2.11ã«ãã°ããããŠã³ã°ã¬ãŒãããŠãäœãèµ·ãããã確èªããŠã¿ãŸãããïŒ
ãŸã 倱æããŠããŸãããå¥ã®ãšã©ãŒã¡ãã»ãŒãžã衚瀺ãããŸã
..ã
..ã
ãã¡ã€ã« "/usr/local/lib/python2.7/dist-packages/requests/adapters.py"ãè¡491ãéä¿¡
SSLErrorïŒeãrequest = requestïŒãçºçãããŸã
SSLErrorïŒãããã³ã«ã«éåããŠEOFãçºçããŸããïŒ_ssl.cïŒ590ïŒ
ããŒãã ãã®ç°ãªããšã©ãŒã¯ã»ãšãã©åããšã©ãŒã§ãã é£çµ¡ããããšããŠããWebãµãŒããŒãæããŠãã ããã
ããã¯èªå·±çœ²å蚌ææžãæã£ãŠããç§èªèº«ã®ãµãŒããŒã§ãã SSLãç¡èŠããããã«verify = Falseãéä¿¡ããŠããŸãããæ°ã«å ¥ããªãããã§ã
response = sess.postïŒurlãparamsãheaders = hãverify = FalseïŒ
ãµãŒããŒã®TLSæ§æãšããµãŒããŒããªã³ã¯ãããŠããOpenSSLã®ããŒãžã§ã³ã衚瀺ã§ããŸããïŒ
ãã®TLS1.2ãšåãopenSSLããŒãžã§ã³...ç¹å¥ãªããšã¯äœããããŸããã ç§ã¯ããã«ãªããšæããŸã
Dockerã®å€ã§ã¯æ£åžžã«åäœããããããµãŒããŒåŽã§äœãåé¡ããããŸã
容åš
16:07æéã2017幎3æ31æ¥ã«ã¯ãã³ãŒãªãŒãã³ãã£ãŒã«ã[email protected]
æžããŸããïŒ
ãµãŒããŒã®TLSæ§æãšãOpenSSLã«ã€ããŠæããŠãã ããã
ãªã³ã¯ãããŠããããŒãžã§ã³ïŒâ
ã¹ã¬ãããäœæããããããããåãåã£ãŠããŸãã
ãã®ã¡ãŒã«ã«çŽæ¥è¿ä¿¡ããGitHubã§è¡šç€ºããŠãã ãã
https://github.com/kennethreitz/requests/issues/3948#issuecomment-290738188 ã
ãŸãã¯ã¹ã¬ããããã¥ãŒãããŸã
https://github.com/notifications/unsubscribe-auth/AMK55o2K5PaiflW3wHWD_rZYm_WFXXGyks5rrRa6gaJpZM4Mvjzc
ã
ãããã£ãŠãããã§ã®ãééã£ãããšã¯ãã¯ã©ã€ã¢ã³ããšãµãŒããŒãæåŸ ãããã®ã®éã«äžäžèŽããããã©ããã§ã®ã¿å®çŸ©ãããŸãã èå³æ·±ãããšã«ããµãŒããŒã¯SNIãæåŸ ããŠããŸããïŒ ãã¹ãåãŸãã¯IPçµç±ã§ãµãŒããŒã«ã¢ã¯ã»ã¹ããŠããŸããïŒ
ãã®ã³ã³ããã§ãåãURLã§ãµãŒããŒãã«ãŒã«ã§ããŸããïŒ ãããšãåã«telnetã§æ¥ç¶ããŸããïŒ ã³ã³ããããããã€ããå ŽæãããµãŒããŒã«ãªã¯ãšã¹ããå±ãã®ã§ã¯ãªãããšæããŸãã
ããã«ã¡ã¯
äž¡æ¹ã«å¿ããŠã SNIãæ³å®ããŠããããã¹ãåãä»ããŠå°éããŸã
telnetã§ããã³ã³ãããããµãŒããŒãŸã§ãåé¡ãããŸãã
ããã ç§ã¯httpçµç±ã§å¥ã®ãµãŒãã¹ãå
¬éããŸããããããã¯æ£åžžã«æ©èœããŸãã
äœã倱æããŠããã®ãSSLãã³ãã·ã§ã€ã¯
16:16æéã2017幎3æ31æ¥ã«ã¯ãã€ã¢ã³Cordasco [email protected]
æžããŸããïŒ
ãã®ã³ã³ããã§ãåãURLã§ãµãŒããŒãã«ãŒã«ã§ããŸããïŒ ãããã¯
ããã«telnetããã ãã§ããïŒ ãªã¯ãšã¹ãã¯ãããµãŒããŒã«å°éããããšããã§ããã®ã ããã
ã³ã³ããããããã€ããå Žæãâ
ã¹ã¬ãããäœæããããããããåãåã£ãŠããŸãã
ãã®ã¡ãŒã«ã«çŽæ¥è¿ä¿¡ããGitHubã§è¡šç€ºããŠãã ãã
https://github.com/kennethreitz/requests/issues/3948#issuecomment-290740743 ã
ãŸãã¯ã¹ã¬ããããã¥ãŒãããŸã
https://github.com/notifications/unsubscribe-auth/AMK55kVKzprqGA1n1PKJznWX_g_V7nsxks5rrRi-gaJpZM4Mvjzc
ã
ããŠãã³ã³ããå
ãããµãŒããŒã«å¯ŸããŠopenssl s_client -connect host:port
ãå®è¡ããçµæã¯ã©ããªããŸããïŒ
ããã«ã¡ã¯
åé¡ãªãæ¥ç¶ããŸãïŒconnectedïŒ00003ïŒïŒ
4ïŒ19 PMã§éã2017幎3æ31æ¥ã«ã¯ãã³ãŒãªãŒãã³ãã£ãŒã«ã[email protected]
æžããŸããïŒ
OKãopenssl s_client -connect hostïŒ porttoãå®è¡ããçµæã¯ã©ããªããŸãã
ã³ã³ããå ãããµãŒããŒïŒâ
ã¹ã¬ãããäœæããããããããåãåã£ãŠããŸãã
ãã®ã¡ãŒã«ã«çŽæ¥è¿ä¿¡ããGitHubã§è¡šç€ºããŠãã ãã
https://github.com/kennethreitz/requests/issues/3948#issuecomment-290741631 ã
ãŸãã¯ã¹ã¬ããããã¥ãŒãããŸã
https://github.com/notifications/unsubscribe-auth/AMK55oeDzw5HhrujLbMFLA6CCowT0umwks5rrRmLgaJpZM4Mvjzc
ã
ç³ãèš³ãããŸããããå šäœã®çµæã 亀æžã®çµæãã©ããªãã®ãèå³ããããŸãã
æ»ãã³ãŒãã®ç¢ºèªïŒ19ïŒèšŒææžãã§ãŒã³å ã®èªå·±çœ²å蚌ææžïŒ
16:34æéã2017幎3æ31æ¥ã«ã¯ãã³ãŒãªãŒãã³ãã£ãŒã«ã[email protected]
æžããŸããïŒ
ç³ãèš³ãããŸããããå šäœã®çµæã ç§ã¯ã©ã®ãããªçµæã«èå³ããããŸã
亀æžã§ããâ
ã¹ã¬ãããäœæããããããããåãåã£ãŠããŸãã
ãã®ã¡ãŒã«ã«çŽæ¥è¿ä¿¡ããGitHubã§è¡šç€ºããŠãã ãã
https://github.com/kennethreitz/requests/issues/3948#issuecomment-290746053 ã
ãŸãã¯ã¹ã¬ããããã¥ãŒãããŸã
https://github.com/notifications/unsubscribe-auth/AMK55o4JyAkpP5h1ZPLBOkRONN2z9Em8ks5rrRz-gaJpZM4Mvjzc
ã
ããããã¹ãŠã®çµæã§ã¯ãããŸããã ãã®ã³ãã³ããããã¹ãŠãã³ããŒããŠè²Œãä»ããŠãã ããã
ããããå šäœã®çµæã§ãã ãã¹ãŠã®åºåã å°å·ãããã®ãã¹ãŠã
ããã«ã¯ä»ã«èå³æ·±ããã®ã¯ãªããTLSããŒãžã§ã³ã蚌ææžæ å ±ãªã©ããããŸã...
ã³ã³ããã®å€ã§ãŸã£ããåãå¿çããããŸã
ãšã«ã»ãšã«ãŽã£ã2017幎3æ31æ¥ååŸ04æ40åã©ã¹ãã³ãŒãªãŒãã³ãã£ãŒã«ã[email protected]
escribióïŒ
ããããå šäœã®çµæã§ãã ãã¹ãŠã®åºåã å°å·ãããã®ãã¹ãŠã
â
ã¹ã¬ãããäœæããããããããåãåã£ãŠããŸãã
ãã®ã¡ãŒã«ã«çŽæ¥è¿ä¿¡ããGitHubã§è¡šç€ºããŠãã ãã
https://github.com/kennethreitz/requests/issues/3948#issuecomment-290747930 ã
ãŸãã¯ã¹ã¬ããããã¥ãŒãããŸã
https://github.com/notifications/unsubscribe-auth/AMK55iD8dY2eDxdfz1j0YzpteN8ThFJ3ks5rrR58gaJpZM4Mvjzc
ã
ãã®æ å ±ã¯ãŸãã«ç§ãèå³ãæã£ãŠãããã®ã§ããTLSã¯ã©ã€ã¢ã³ãHelloã®äœãããµãŒããŒãçãããŠããã®ã§ããµãŒããŒãäœãããŽã·ãšãŒãããŠãããã確èªããããšã«èå³ããããŸãã
ããŠããããç§ã®èšŒææžã§ã¯ãªãããšã確èªããããã«äœããããŸãããã ã©ãã§ãæ€çŽ¢ããŸã
èªå·±çœ²å蚌ææžã䜿çšããä»ã®ããŒãžïŒãåç¥ã®å Žåã¯
å
±æïŒãããŠç§ã¯ããã«å察ããããšããã®ã§ãããªãã¯ãããæ¥ç¶ããããšãã§ããã§ããã
ãµãŒããŒã
ãšã«ã»ãšã«ãŽã£ã2017幎3æ31æ¥ååŸ04æ46åã©ã¹ãã³ãŒãªãŒãã³ãã£ãŒã«ã[email protected]
escribióïŒ
ãã®æ
å ±ã¯ãŸãã«ç§ãèå³ãæã£ãŠãããã®ã§ããç§ãã¡ã®TLSã®äœã
Client Helloã¯ããªãã®ãµãŒããŒãçãããŠããã®ã§ãç§ã¯èŠãããšã«èå³ããããŸã
ãµãŒããŒãããŽã·ãšãŒãããŠãããã®ã
â
ã¹ã¬ãããäœæããããããããåãåã£ãŠããŸãã
ãã®ã¡ãŒã«ã«çŽæ¥è¿ä¿¡ããGitHubã§è¡šç€ºããŠãã ãã
https://github.com/kennethreitz/requests/issues/3948#issuecomment-290749603 ã
ãŸãã¯ã¹ã¬ããããã¥ãŒãããŸã
https://github.com/notifications/unsubscribe-auth/AMK55oT_6jlrkIO4VlXRsoohjEGzNy3pks5rrR_TgaJpZM4Mvjzc
ã
ããã¯ããªãã®èšŒææžã§ã¯ãããŸããã åé¡ã®ãšã©ãŒã¡ãã»ãŒãžïŒäºæããªãEOFïŒã¯ãTLSãã³ãã·ã§ã€ã¯äžã«ãµãŒããŒãTCPFINãŸãã¯RSTãã±ããããŸãã ããã¯ããµãŒããŒãç§ãã¡ã§ã¯ãªãæ¥ç¶ãéããããšãéžæããããšãæå³ããµãŒããŒã¯ãç§ãã¡ã奜ããªããšãããŠããªããšå€æãããšããããšã§ãã çµæãšããŠãããã¯ããªãã®èšŒææžã®ããã§ã¯ããããŸããïŒç§ãã¡ã¯ãŸã ãããæ€èšŒãããšãããŸã§å°éããŠããŸããã
@javixeneizeã¯ãç§ãã¡ãããªãã«æ±ããæ å ±ãªãã§ãç§ãã¡ãä»ã«äœãã§ãããããããŸããã
OK OK ...æææ¥ã«æäŸããŸã
ãšã«ã»ãšã«ã»ãŽã£ã2017幎3æ31æ¥17ïŒ19ã©ã¹ãã€ã¢ã³Cordasco [email protected]
escribióïŒ
@javixeneizehttps ïŒ//github.com/javixeneizeæ å ±ãªã
ç§ãã¡ã¯ããªãã«ãé¡ãããŸãããç§ã¯ç§ãã¡ãå©ããããã«ä»ã«äœãã§ãããããããŸãããâ
ããªããèšåãããã®ã§ãããªãã¯ãããåãåã£ãŠããŸãããã®ã¡ãŒã«ã«çŽæ¥è¿ä¿¡ããGitHubã§è¡šç€ºããŠãã ãã
https://github.com/kennethreitz/requests/issues/3948#issuecomment-290759070 ã
ãŸãã¯ã¹ã¬ããããã¥ãŒãããŸã
https://github.com/notifications/unsubscribe-auth/AMK55ugTXZp-cZpp9JJJ7WmACcYXho2Rks5rrSeegaJpZM4Mvjzc
ã
root<strong i="5">@4f66ccbaef3c</strong>:/# openssl s_client -connect api.quinto.ai:443
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = fbbot.quintoapp.com
verify return:1
---
Certificate chain
0 s:/CN=fbbot.quintoapp.com
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISA1Bg18LrjA3qyyrEDmzE+5YSMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzAzMTQwNzMyMDBaFw0x
NzA2MTIwNzMyMDBaMB4xHDAaBgNVBAMTE2ZiYm90LnF1aW50b2FwcC5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0xbEa4W4k4BlPrIxeVX+ekPl1
Od4OuwepY5Ha2BQd6YMiphh+we5H6JVu2XDuPbQnmQMtEwGa2T2Adhic4bGPPC7+
0j+utJuqGBRIbYJ09A5EQOhB4HhOSI82l1ZpPkHpvOiC4UoEgG4KOLnqBX0JydI3
8vhiV4EgbLr77wARsEeinK+Zj+7bpsEK8q+B7mR5km6f6tKT/i++Wd4Fx3Pz7iuK
aCulKzG4IMxopE/9DDf608H/3cFcSHvg/4IguPoOCx2ArNKE7QCNFGYAx9HhnV2y
AYVbd2WGWeJKuNWEwCF+nvxGDo4cHdT6kq9HHB6kPTYrZb7PrKtkq1C3MNB/AgMB
AAGjggIUMIICEDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFENiqFyUkXGaxd/woyxi
6SqQz2WqMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMHAGCCsGAQUF
BwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNy
eXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5j
cnlwdC5vcmcvMB4GA1UdEQQXMBWCE2ZiYm90LnF1aW50b2FwcC5jb20wgf4GA1Ud
IASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIB
FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtU
aGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlp
bmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRp
ZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9y
ZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAf80at95dsb9WsSMaChtKNEJR
FfuPd/5MZaqFxWM6+AtEGZt2qbeOExIShEHFehUSWQnrCBTiPY6ildK1E5nhduap
4K0O7FrnMVaNBhnoBT7jsZMs7ivLpaKCT6imR71hQTUv07xw1kQJMu/jrHHtVjNi
9iI+VryZeETIVBtCXbirwKxT0JYLicdS/9M9m9wC7/H8xWVkcRR5dMI2Im+4klX4
eGmgi+XCJPkDZZEpfQHmIqQQ9ccCpP0BFs0JqfwLich71NdPihVnJDhVZrEVMcgs
+412WdWCOTIXrEzsL6xddypVETY2k5Z3S8sZTInWA9nYOGHW82xwh6/tRU+yiQ==
-----END CERTIFICATE-----
subject=/CN=fbbot.quintoapp.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3157 bytes and written 433 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 78B1ABFE5A7BF1E698FB5D43D1A75D6F874DD9D2E12816E3276B349FC0C4B96B
Session-ID-ctx:
Master-Key: B6EE0F224CB1A93379B86524E9F01D618A018E2F1D68F5AB29F7570611F0D9CF4210F9946335A9FAAEEA143B0BC98D26
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 00 39 b1 81 4d f9 90 0a-b2 dd a8 e7 b5 6b 74 7c .9..M........kt|
0010 - ba 4e 8b 51 75 df c4 ae-e1 6c dc 3e 05 a1 0e fc .N.Qu....l.>....
0020 - 4e 61 83 34 f4 ea 06 b7-8d 54 82 01 a8 b2 fa 2a Na.4.....T.....*
0030 - 48 69 01 b5 06 6b ee 18-3d 93 f5 d7 31 d8 66 8f Hi...k..=...1.f.
0040 - a4 6f f4 6c 2d 48 37 9f-33 b7 36 49 39 1f 2f 31 .o.l-H7.3.6I9./1
0050 - 1a 0d 8f 8e 34 36 3d d1-09 fb 6b 5b 5d 68 80 3e ....46=...k[]h.>
0060 - 66 d9 44 11 4d 12 d5 cc-df eb c3 45 ae 04 10 56 f.D.M......E...V
0070 - 34 ad 98 8f f9 1b f2 33-00 a4 b3 3c a5 40 80 8e 4......3...<.@..
0080 - 9b f1 b5 40 e5 2b 29 86-7e 2b f6 95 03 4b e3 b4 ...@.+).~+...K..
0090 - ab 16 25 bc 47 bf fb 87-dc 13 0e 10 a8 1b 18 fb ..%.G...........
00a0 - 3b 65 07 96 05 ce 1a c2-9a d4 d8 73 fd 38 40 8b ;e.........s.8@.
00b0 - 0e 52 df 26 19 fc 9f 04-06 28 b3 25 5c e2 64 51 .R.&.....(.%\.dQ
Start Time: 1496212705
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
read:errno=0
ããªãã®å®éã®åé¡ã¯äœã§ãã@ harry1064ïŒ
@Lukasaäžèšã®openssl s_client -connect api.quinto.ai:443
ã³ãã³ãã®çµæããµãŒããŒã§å®è¡ãããŠããDockerã³ã³ãããŒå
ã§å®è¡ãããå ŽåãCNã¯fbbot.quintoapp.comã§ãããDockerã³ã³ãããŒãå®è¡ãããŠãããã¹ããµãŒããŒãæããŠããããšãããããŸãã
ãããããã¹ããµãŒããŒã§å®è¡ããã®ãšåãã³ãã³ãã§ããCNã¯api.quinto.aiã§ããã
ã€ãŸããåºæ¬çã«ãDockerã³ã³ãããŒã§å®è¡ãããŠããPythonãµãŒããŒããããå¥ã®ãµãŒããŒapi.quinto.aiã«ãªã¯ãšã¹ããéä¿¡ãããã®ã§ããããªã¯ãšã¹ãã䜿çšããŠãããè¡ãããšã¯ã§ããŸããã ãã¹ããã·ã³ã®ã€ã³ã¿ãŒããªã¿ãŒã§å®è¡ããã®ãšåãPythonã³ãŒããããã¯æ£åžžã«æ©èœããŠããŸãããDockerã³ã³ãããŒã«ãã°ã€ã³ããŠãPythonã€ã³ã¿ãŒããªã¿ãŒå
ããåãã³ãŒããå®è¡ãããšãæ©èœããŸãã
ããã©ã«ãã§ã¯ãOpenSSL s_clientã¯ãµãŒããŒå衚瀺ãã£ãŒã«ãã衚瀺ããŸãããããã¯ããªã¢ãŒããµãŒããŒãéžæãã蚌ææžã衚瀺ããããšãæå³ããŸãã ã³ãã³ãã次ã®ããã«å€æŽãããšãã©ã¡ãã®å ŽåãåãåºåãåŸãããŸããïŒ
openssl s_client -connect api.quinto.ai:443 -servername api.quinto.ai
ããã§ãªãå Žåã§ããããã¯Requestsã§ã¯ãªãdockerã®åé¡ã®ããã«èãããŸããã€ãŸããRequestsããŸã£ãã䜿çšããªãopensslã³ãã³ãã©ã€ã³ã䜿çšããŠåé¡ãåçŸããŠããããã«èŠããŸãã ã§ããããããªããç§ãã¡ã«ããªãã®åé¡ãã©ã®ããã«è§£æ±ºããŠã»ããã®ãããããŸããã
ã©ã¡ãã®å Žåãåãåå¿ããããŸããã ã ããç§ã¯ãŸããããããiptableséã®ãããã³ã°ã䜿çšããŠããã®ã§ãããã¯dockerã®åé¡ã ãšæããŸãã
å€åããã¯èª°ããå©ããããšãã§ããŸãã ç§ã«ãšã£ãŠããããã€ã³ã¹ããŒã«ããå¿ èŠããããŸããïŒ
OpenSSL 1.0.2g 2016幎3æ1æ¥
requests[security]==2.7.0 # not 2.18.x
cryptography==1.9 # not 2.0
ãã®è°è«ã¯æ°ã¶æåã«é³è åããã ãããéããŸãã å¿ èŠã«å¿ããŠåéã§ããŸãã
@ harry1064 @javixeneizeçããã¯ããã«å¯Ÿãã解決çãèŠã€ããŸãããïŒ ç§ã¯åãåé¡ãæ±ããŠãããããããããã¯Dockerã®åé¡ã§ããå¯èœæ§ããããŸãã ããããç§ã¯æ¬åœã«ãããå æããæ¹æ³ãç¥ããŸãã...
ããããšãïŒ
ããã...
El El jueã11 ene 2018 a las 14ïŒ11ãGabriel Gularte <
[email protected]>escribióïŒ
@ harry1064 https://github.com/harry1064 @javixeneize
https://github.com/javixeneizeçããã¯è§£æ±ºçãèŠã€ããŸããã
ããïŒ ç§ã¯åãåé¡ãæ±ããŠãããããããããã¯Dockerã®åé¡ã§ããå¯èœæ§ããããŸãã ããã
ç§ã¯æ¬åœã«ãããå æããæ¹æ³ãç¥ããŸãã...ããããšãïŒ
â
ããªããèšåãããã®ã§ãããªãã¯ãããåãåã£ãŠããŸãã
ãã®ã¡ãŒã«ã«çŽæ¥è¿ä¿¡ããGitHubã§è¡šç€ºããŠãã ãã
https://github.com/requests/requests/issues/3948#issuecomment-356944272 ã
ãŸãã¯ã¹ã¬ããããã¥ãŒãããŸã
https://github.com/notifications/unsubscribe-auth/AMK55roWfMLccuizdHkWQTTOq2gU3BXMks5tJhYegaJpZM4Mvjzc
ã
ãããã®ããŒãžã§ã³ãã€ã³ã¹ããŒã«ããŠã¿ãŠãã ããã
requests[security]==2.7.0
cryptography==1.9
pyOpenSSL==17.4.0
ããã«ã¡ã¯ ã
ç§ã¯åæ§ã®åé¡ãæ±ããŠããŸãããäžèšã®ããŒãžã§ã³ã«å£åããåŸããã¹ãŠãã¹ã ãŒãºã«é²ã¿ãŸããïŒ python 3.6
ïŒ
æãåèã«ãªãã³ã¡ã³ã
ãããã®ããŒãžã§ã³ãã€ã³ã¹ããŒã«ããŠã¿ãŠãã ããã