1

我尝试了各种 Oauth2 包,试图将我的 Node 应用程序与 Google 的 oauth2 服务连接起来——我过去已经成功地做到了这一点。

现在,无论我尝试什么,我都会遇到相同的错误,即“ SSLv3 methods disabled ”。我知道这是 Node 中最近发生的一项更改,即禁用 SSLv3 以防止 SSL 中的 POODLE 漏洞。我的测试表明,如果您不向请求对象提供密钥和证书,则一切都默认为 SSLv3(这显然已损坏)。

问题是——流行的 google oauth2 软件包似乎都不允许选择将您自己的密钥和证书传递到请求中。我可以用猴子修补自己的钥匙,但是,考虑到这应该会影响很多人,我觉得我错过了一些东西和/或做错了什么。

有人遇到这个问题并有更直接的解决方案吗?

这是堆栈跟踪;

server-0 Error: SSLv3 methods disabled
server-0     at Error (native)
server-0     at new SecureContext (_tls_common.js:23:20)
server-0     at Object.createSecureContext (_tls_common.js:42:11)
server-0     at Object.TLSSocket._init.ssl.onclienthello.ssl.oncertcb.exports.connect (_tls_wrap.js:999:48)
server-0     at Agent.createConnection (https.js:80:22)
server-0     at Agent.createSocket (_http_agent.js:172:16)
server-0     at Agent.addRequest (_http_agent.js:141:23)
server-0     at new ClientRequest (_http_client.js:137:16)
server-0     at Object.exports.request (http.js:31:10)
server-0     at Object.exports.request (https.js:197:15)
server-0     at Request.start (MY_LOCAL_PATH/node_modules/google-auth-library/node_modules/request/request.js:799:30)
server-0     at Request.write (MY_LOCAL_PATH/node_modules/google-auth-library/node_modules/request/request.js:1360:10)
server-0     at end (MY_LOCAL_PATH/node_modules/google-auth-library/node_modules/request/request.js:556:16)
server-0     at Immediate._onImmediate (MY_LOCAL_PATH/node_modules/google-auth-library/node_modules/request/request.js:584:7)
server-0     at processImmediate [as _immediateCallback] (timers.js:383:17)

如前所述,如果我提供自己的密钥,则手动进行直接 SSL 连接没有问题。以下代码工作正常;

var tls = require ('tls');
var fs = require ('fs');

var options = {
    host: 'google.com',
    port: '443',
    key: fs.readFileSync('key.pem'),
    cert: fs.readFileSync('cert.pem'),
};

var Stream = tls.connect(options, function () {
    console.log('client connected', Stream.authorized ? 'authorized' : 'unauthorized');
    process.stdin.pipe(Stream);
    process.stdin.resume();
});
Stream.on('data', function (stuff) {
    console.log(stuff);
});
Stream.on('end', function () {
    console.log('END');
});
Stream.on('error', function (err) {
    throw err;
});
4

0 回答 0