连接被对等重置 - SSL_connect 打开 URL

Connection reset by peer - SSL_connect when opening a URL

我正在尝试从 BingAds 下载 .zip 文件 URL 并且正在努力绕过此错误:

Connection reset by peer - SSL_connect

我目前通过另一个应用程序 运行 生产此代码,但我正在使用 nitrous.io 用于 chromebook 上的新应用程序并且 运行 关闭其默认 rails 安装(氮气盒)。

当前在其他应用程序中运行的代码:

class BingApi
  def self.get_data(request_params={})
    require 'zip'

    #Acquire Bing report download URL
    report_url = BingApi.acquire_report_url(report_request_id, request_params)

    zip_file = open(report_url)

    unzippedxml = Zip::File.open(zip_file)                      # open zip
    entry = unzippedxml.entries.reject(&:directory?).first      # take first non-directory
    entry.get_input_stream{|is| is.read }          # read file contents
  end

report_url 看起来像:https://download.api.bingads.microsoft.com/ReportDownload/Download.aspx?q=cWmkJ72lVlzGEG%2fouLL8Xes2j6I5qVhLrnTqNIrW.....

访问时会提示下载.zip文件,我解压后解析。

但是,在 chromebook 上使用氮气盒的相同代码给出了 Connection reset by peer - SSL_connect 错误

Errno::ECONNRESET - Connection reset by peer - SSL_connect:                                                                                                                                                                                          
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/net/http.rb:920:in `block in connect'                                                                                                                                                    
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/timeout.rb:76:in `timeout'                                                                                                                                                               
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/net/http.rb:920:in `connect'                                                                                                                                                             
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/net/http.rb:863:in `do_start'                                                                                                                                                            
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/net/http.rb:852:in `start'                                                                                                                                                               
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:313:in `open_http'                                                                                                                                                           
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:724:in `buffer_open'                                                                                                                                                         
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:210:in `block in open_loop'                                                                                                                                                  
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:208:in `open_loop'                                                                                                                                                           
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:149:in `open_uri'                                                                                                                                                            
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:704:in `open'                                                                                                                                                                
  /home/action/.parts/packages/ruby2.1/2.1.1/lib/ruby/2.1.0/open-uri.rb:34:in `open'                                                                                                                                                                 
  lib/bing_api.rb:25:in `get_data'                                                                                                                                                                                                                   
  lib/bing_api.rb:224:in `get_and_parse'   

我一直在尝试各种不同的解决方案:

zip_file = open(report_url, :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE)

zip_file = Faraday.get(report_url, :ssl => false)

最后我通过使用绕过了它:

uri = URI.parse(report_url)
https = Net::HTTP.new(uri.host, uri.port)
https.open_timeout = 5
https.use_ssl = true
https.ssl_version = 'SSLv3'
request = Net::HTTP::Get.new(uri.request_uri)
zip_file = https.request(request)

但我无法将 zip_file 传递给 unzippedxml = Zip::File.open(zip_file),否则我会收到 no implicit conversion of Net::HTTPOK into String TypeError。

我是不是漏掉了一些简单的东西?我应该对那个 zip_file.class => Net::HTTPOK 对象做些不同的事情吗?

我尝试调用 zip_file.body,但返回的内容与您在解压缩之前尝试在编辑器中打开压缩文件时看到的内容类似。

服务器坏了。

它只支持显式TLS1.0和SSL3.0握手,不支持最常用和最兼容的SSLv23握手。即使使用明确的 TLS1.0 握手,如果您包含错误或过多的密码,它也可能会失败。 analyze.pl 的相关输出:

* version SSLv23, no verification, ciphers= -> FAIL! SSL wants a read first
* version SSLv23, no verification, ciphers=HIGH:ALL -> FAIL! SSL wants a read first
* version TLSv1_2, no verification, ciphers= -> FAIL! SSL wants a read first
* version TLSv1_2, no verification, ciphers=HIGH:ALL -> FAIL! SSL wants a read first
* version TLSv1_1, no verification, ciphers= -> FAIL! SSL connect attempt failed error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
* version TLSv1_1, no verification, ciphers=HIGH:ALL -> FAIL! SSL wants a read first
* version TLSv1 no verification, ciphers= -> TLSv1,AES256-SHA
* version TLSv1, no verification, ciphers=HIGH:ALL -> FAIL! SSL wants a read first
* version SSLv3 no verification, ciphers= -> SSLv3,AES256-SHA
* version SSLv3 no verification, ciphers=HIGH:ALL -> SSLv3,AES256-SHA
* supported SSL versions with handshake used and preferred cipher(s):
  * handshake protocols ciphers
  * SSLv23    FAILED: SSL wants a read first 
  * TLSv1_2   FAILED: SSL wants a read first 
  * TLSv1_1   FAILED: SSL connect attempt failed error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number SSL wants a read first 
  * TLSv1     TLSv1     AES256-SHA
  * SSLv3     SSLv3     AES256-SHA

从这里可以看出,SSLv23、TLSv1_2 和 TLSv1_1 握手不起作用,TLSv1 握手确实起作用,但如果密码是 HIGH:ALL(可能密码太多或可能意外包括密码)。然后 SSLv3 握手工作稳定。

浏览器通过尝试多次同时缓慢降级握手中使用的 SSL/TLS 协议版本来解决这种行为。但除了浏览器之外,几乎没有其他人在这样做。因此,任何其他应用程序通常都会失败,除非它们被专门配置为与此服务器使用 TLS1.0 或 SSL3.0 握手。

but I can't pass the zip_file to unzippedxml = Zip::File.open(zip_file) or I get a no implicit conversion of Net::HTTPOK into String TypeError.

至少你给的 URL 只 returns 404 没有找到。请检查您是否确实得到了一个 ZIP 文件。我不知道这个服务器,但这些下载链接通常是动态创建的,并且只有在您之前访问过另一个站点并在那里获得 cookie 或类似的东西以将 URL 绑定到您的网站时才有效浏览器会话。