1

我有以下工作 curl 命令:

curl -k -E some_cert.pem https://someurl.com/__dirlist__

尝试在 Ruby 中实现这一点我有:

uri = URI.parse('https://someurl.com/__dirlist__')

http_session = Net::HTTP.new(uri.host, uri.port)
http_session.ca_file = "some_cert.pem"
http_session.use_ssl = true
http_session.verify_mode = OpenSSL::SSL::VERIFY_NONE

res = http_session.get(uri.request_uri)

我已经尝试过使用所有不同版本的 SSL(使用http_session.ssl_version = :SSLv2_client等),所有这些都失败了(有些带有不同的消息),我使用 wireshark 匹配版本以查看 curl 使用的是什么所以不要认为这是问题(尽管ruby 发送了一堆额外的设置,似乎没有一个相关的)。

从阅读其他错误报告中,我看到人们有很多与证书存储中没有适当证书有关的问题,但是SSL::VERIFY_NONE我不明白这有什么关系。

我不能排除它可能是我的 Ruby 中的 openssl,但鉴于我也在另一台机器上运行此代码并得到相同的错误,我认为 curl 正在链接同一个 openssl(我不知道如何检查这个)。

我已经浏览了 rdocs,就像我已经用尽了 Net:HTTP 中可用的所有设置一样。

这是我看到的不伦不类的错误(稍微匿名):

OpenSSL::SSL::SSLError: SSL_read:: ssl handshake failure
from /Users/a_user/.rvm/gems/ruby-1.9.3-p0@project/gems/right_http_connection-1.3.0/lib/net_fix.rb:52:in `sysread'
from /Users/a_user/.rvm/gems/ruby-1.9.3-p0@project/gems/right_http_connection-1.3.0/lib/net_fix.rb:52:in `block in rbuf_fill'
from /Users/a_user/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/1.9.1/timeout.rb:68:in `timeout'
from /Users/a_user/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/1.9.1/timeout.rb:99:in `timeout'
from /Users/a_user/.rvm/gems/ruby-1.9.3-p0@project/gems/right_http_connection-1.3.0/lib/net_fix.rb:51:in `rbuf_fill'
from /Users/a_user/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/1.9.1/net/protocol.rb:122:in `readuntil'
from /Users/a_user/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/1.9.1/net/protocol.rb:132:in `readline'
from /Users/a_user/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/1.9.1/net/http.rb:2562:in `read_status_line'
from /Users/a_user/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/1.9.1/net/http.rb:2551:in `read_new'
from /Users/a_user/.rvm/gems/ruby-1.9.3-p0@project/gems/right_http_connection-1.3.0/lib/net_fix.rb:146:in `request'
from /Users/a_user/.rvm/gems/ruby-1.9.3-p0@project/gems/right_http_connection-1.3.0/lib/net_fix.rb:131:in `block in request'
from /Users/a_user/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/1.9.1/net/http.rb:745:in `start'
from /Users/a_user/.rvm/gems/ruby-1.9.3-p0@project/gems/right_http_connection-1.3.0/lib/net_fix.rb:129:in `request'
from /Users/a_user/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/1.9.1/net/http.rb:1026:in `get'
4

1 回答 1

0

从卷曲手册:

   -k, --insecure
          (SSL)  This  option explicitly allows curl to perform "insecure"
          SSL connections and transfers. All SSL connections are attempted
          to  be  made secure by using the CA certificate bundle installed
          by default. This makes  all  connections  considered  "insecure"
          fail unless -k, --insecure is used.

所以在没有的情况下运行-k也可能会揭示 curl 的问题。

于 2013-10-24T18:14:46.570 回答