最近在 SSL 3 中发现了一个漏洞,Apple 决定将其关闭以用于推送通知 (APNS)。以下是2014 年 10 月 22 日发布的公告。
在过去的几天里,我的开发推送服务器一直在崩溃,出现以下异常:
Traceback (most recent call last):
File "/var/django/current/manage.py", line 12, in <module>
execute_from_command_line(sys.argv)
File "/var/django/shared/env/local/lib/python2.7/site-packages/django/core/management/__init__.py", line 399, in execute_from_command_line
utility.execute()
File "/var/django/shared/env/local/lib/python2.7/site-packages/django/core/management/__init__.py", line 392, in execute
self.fetch_command(subcommand).run_from_argv(self.argv)
File "/var/django/shared/env/local/lib/python2.7/site-packages/django/core/management/base.py", line 242, in run_from_argv
self.execute(*args, **options.__dict__)
File "/var/django/shared/env/local/lib/python2.7/site-packages/django/core/management/base.py", line 285, in execute
output = self.handle(*args, **options)
File "/var/django/releases/7f093a6773161ea21d18c502eaf1a38c76749314/my_app/management/commands/load_apns_feedback.py", line 35, in handle
for ios_push_notification_hex_token, unavailability_detected_at in feedback_service.feedback():
File "/var/django/shared/env/local/lib/python2.7/site-packages/apnsclient/apns.py", line 696, in feedback
self._connection.refresh()
File "/var/django/shared/env/local/lib/python2.7/site-packages/apnsclient/apns.py", line 269, in refresh
self._ensure_socket_open()
File "/var/django/shared/env/local/lib/python2.7/site-packages/apnsclient/apns.py", line 262, in _ensure_socket_open
self._connect_and_handshake()
File "/var/django/shared/env/local/lib/python2.7/site-packages/apnsclient/apns.py", line 252, in _connect_and_handshake
self._connection.do_handshake()
File "/var/django/shared/env/local/lib/python2.7/site-packages/OpenSSL/SSL.py", line 1076, in do_handshake
self._raise_ssl_error(self._ssl, result)
File "/var/django/shared/env/local/lib/python2.7/site-packages/OpenSSL/SSL.py", line 871, in _raise_ssl_error
_raise_current_error()
File "/var/django/shared/env/local/lib/python2.7/site-packages/OpenSSL/_util.py", line 22, in exception_from_error_queue
raise exceptionType(errors)
OpenSSL.SSL.Error: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure')]
我怎样才能解决这个问题?有没有办法告诉 apns-client 避免使用 SSL 3 而使用 TLS?