λ€μ μ½λλ₯Ό μ€ν μ€μ λλ€.
import requests
import ssl
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.poolmanager import PoolManager
class SSLAdapter(HTTPAdapter):
'''An HTTPS Transport Adapter that uses an arbitrary SSL version.'''
def __init__(self, ssl_version=None, **kwargs):
self.ssl_version = ssl_version
super(SSLAdapter, self).__init__(**kwargs)
def init_poolmanager(self, connections, maxsize, block=False):
self.poolmanager = PoolManager(num_pools=connections,
maxsize=maxsize,
block=block,
ssl_version=self.ssl_version)
s = requests.Session()
s.mount('https://', SSLAdapter(ssl.PROTOCOL_TLSv1_2))
print(ssl.OPENSSL_VERSION)
r = s.get('https://bibliothek.weltenbau.net/api/profile/265854176393691138')
print(r.status_code)
Python 3.5.3μ μ¬μ©νλ©΄ λ€μ μ€λ₯κ° λ°μν©λλ€.
OpenSSL 1.1.0f 25 May 2017
Traceback (most recent call last):
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/urllib3/connectionpool.py", line 600, in urlopen
chunked=chunked)
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/urllib3/connectionpool.py", line 343, in _make_request
self._validate_conn(conn)
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/urllib3/connectionpool.py", line 849, in _validate_conn
conn.connect()
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/urllib3/connection.py", line 356, in connect
ssl_context=context)
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/urllib3/util/ssl_.py", line 359, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.5/ssl.py", line 385, in wrap_socket
_context=self)
File "/usr/lib/python3.5/ssl.py", line 760, in __init__
self.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 996, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 641, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:720)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/requests/adapters.py", line 445, in send
timeout=timeout
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/urllib3/connectionpool.py", line 638, in urlopen
_stacktrace=sys.exc_info()[2])
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/urllib3/util/retry.py", line 398, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='bibliothek.weltenbau.net', port=443): Max retries exceeded with url: /api/profile/265854176393691138 (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:720)'),))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "test.py", line 24, in <module>
r = s.get('https://bibliothek.weltenbau.net/api/profile/265854176393691138')
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/requests/sessions.py", line 525, in get
return self.request('GET', url, **kwargs)
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/requests/sessions.py", line 512, in request
resp = self.send(prep, **send_kwargs)
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/requests/sessions.py", line 622, in send
r = adapter.send(request, **kwargs)
File "/opt/weltenbau-bot/.venv/lib/python3.5/site-packages/requests/adapters.py", line 511, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='bibliothek.weltenbau.net', port=443): Max retries exceeded with url: /api/profile/265854176393691138 (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:720)'),))
Python 2.7.13μ μ¬μ©νλ©΄ λͺ¨λ κ²μ΄ μμλλ‘ μλν©λλ€.
OpenSSL 1.1.0f 25 May 2017
200
{
"chardet": {
"version": "3.0.4"
},
"cryptography": {
"version": ""
},
"idna": {
"version": "2.7"
},
"implementation": {
"name": "CPython",
"version": "3.5.3"
},
"platform": {
"release": "4.9.0-6-amd64",
"system": "Linux"
},
"pyOpenSSL": {
"openssl_version": "",
"version": null
},
"requests": {
"version": "2.19.1"
},
"system_ssl": {
"version": "1010006f"
},
"urllib3": {
"version": "1.23"
},
"using_pyopenssl": false
}
certifi==2018.4.16
chardet==3.0.4
idna==2.7
requests==2.19.1
urllib3==1.23
{
"chardet": {
"version": "3.0.4"
},
"cryptography": {
"version": ""
},
"idna": {
"version": "2.7"
},
"implementation": {
"name": "CPython",
"version": "2.7.13"
},
"platform": {
"release": "4.9.0-6-amd64",
"system": "Linux"
},
"pyOpenSSL": {
"openssl_version": "",
"version": null
},
"requests": {
"version": "2.19.1"
},
"system_ssl": {
"version": "1010006f"
},
"urllib3": {
"version": "1.23"
},
"using_pyopenssl": false
}
certifi==2018.4.16
chardet==3.0.4
idna==2.7
requests==2.19.1
urllib3==1.23
Python3 νκ²½μ pyOpenSSLμ μ€μΉνλ©΄ μ΄ λ¬Έμ κ° ν΄κ²°λλ κ² κ°μ΅λλ€.
μλ νμΈμ @ghtyrant λ
κ° Python μ€μΉ κ°μ SSL μ€μ μ μ½κ°μ μ°¨μ΄κ° μλ κ² κ°μ΅λλ€. 3.5 μΈν°ν리ν°κ° μλ²μ νμ©λλ νλ‘ν μ½μ νμν μ μμ΅λλ€. PyOpenSSLμ μ€μΉνλ©΄ μ΄ λ¬Έμ κ° ν΄κ²°λλ€λ μ¬μ€μ 3.5 SSL μ€μ μ λ¬Έμ κ° μμμ μμ¬ν©λλ€.
λΆννλ 2.7.13κ³Ό 3.5.3 μ€μΉ μ¬μ΄μμ λ‘μ»¬λ‘ μ¬νν μ μμμ΅λλ€. API/ꡬ쑰체 λ³κ²½μΌλ‘ μΈν΄ OpenSSL 1.1κ³Ό Pythonμ΄ ν¨κ» μ ꡬμΆλμ§ μλ μλ λ¬Έμ κ° λͺ κ°μ§ μλ€κ³ μκ°ν©λλ€.
λ΄κ° νμ¬ μ 곡ν μ μλ μ μΌν μ‘°μΈμ μμ€ν OpenSSLμ λν΄ 3.5.3μ λ€μ μ€μΉνκ±°λ 3.5.6μΌλ‘ μ κ·Έλ μ΄λνλ κ²μ λλ€. μμ²μ κ²°ν¨κ³Ό κ΄μ°°λλ λμμ λν λͺ νν λ§ν¬κ° μλμ§ νμ€νμ§ μμ΅λλ€. μ§κΈμ μ΄ λ¬Έμ λ«μ μμ μ΄μ§λ§ μΆκ° μ 보λ₯Ό μ°ΎμΌλ©΄ μΈμ λ μ§ λ€μ μ¬μμμ€. κ°μ¬ ν΄μ!
Debian 9μ packages.sury.orgμμ OpenSSL 1.1.1bλ₯Ό μ€μΉν λ λμΌν λ¬Έμ κ° λ°μνμ λ μ΄ λ¬Έμ κ° λ°μνμ΅λλ€. μ΄κ²μ nginx λ° TLS 1.3μ μ΅μ λ²μ μ μ»λ κ°μ₯ μ¬μ΄ λ°©λ²μ΄μμ΅λλ€.
κ·Έλ¬λ λΆλͺ ν κΈ°λ³Έ Python μ€μΉ(3.5.3)μμλ μ μ¬μλμ§ μμΌλ©° Django μ±μμ μ΄ μ€λ₯κ° λ°μνμ΅λλ€. pyOpenSSLμ μ€μΉνλ©΄ λ¬Έμ κ° ν΄κ²°λ©λλ€.
Debian 10μ΄ TLS 1.3κ³Ό Pythonμ΄ μ λλ‘ μλν λκΉμ§ κΈ°λ€λ €μΌ ν κ² κ°μ΅λλ€. ;-)
μ΄λ΄, λΉμ μ ν΄κ²°μ± μ μ°Ύμμ΅λκΉ?
κ°μ₯ μ μ©ν λκΈ
μ΄λ΄, λΉμ μ ν΄κ²°μ± μ μ°Ύμμ΅λκΉ?