darksky api:TLS 要求已更改,库不再有效
darksky api: TLS requirements changed, library no longer works
我一直在为 darksky 使用这个 C# 库包装器 API:
https://github.com/amweiss/dark-sky-core
在我的实现中,我每 3 分钟轮询一次以获取我在家庭恒温器网络中使用的预测:
async void GetForecast()
{
// https://darksky.net/dev/docs#forecast-request
float Temp, DewPoint, WindSpeed, WindChill, Humidity, HeatIndex;
var client = new DarkSkyService("user-api-key");
try
{
Forecast fc = await client.GetWeatherDataAsync(38.329444, -87.412778);
Temp = (float)Math.Floor(fc.Currently.Temperature);
PublishTemp(Temp);
// for database, get temp, dewpoint, calculate windchill, calculate heatindex
DewPoint = (float)fc.Currently.DewPoint;
WindSpeed = (float)fc.Currently.WindSpeed;
Humidity = (float)fc.Currently.Humidity; // range: 0-1
WindChill = (float)CalculateWindChill(Temp, WindSpeed);
HeatIndex = (float)CalculateHeatIndex(Temp, Humidity);
SaveToDatabase(Temp, DewPoint, WindChill, HeatIndex);
RxForecast = true;
if (DateTime.Now.Hour != LastForecastHour)
{
LatestForecast = fc;
LastForecastHour = DateTime.Now.Hour;
PublishForecasts();
}
}
catch (Exception s) {
RxForecast = false;
}
ForecastWaitTime = RxForecast ? FAST_FORECAST_CYCLE : SLOW_FORECAST_CYCLE;
}
在一周前突然停止工作之前,它已经工作了大约 4 个月。 Darksky 支持表示他们最近实施了安全更新,不再支持大多数常见的 TLS 密码(引用):
- TLS 1.0
- TLS 1.1
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_256_GCM_SHA384
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA
You can definitively determine whether your app works with the new SSL permissions by testing against
https://api.darksky.net:4433/. If you decide to update SSL on your end, you can test the API by sending a request here: https://api.darksky.net:4433/v1/status.txt.
Note that we will be making additional security-related updates in the coming weeks so there will be more changes in the near future. We don't have a notification system for alerting users to changes made on our backend but we do offer a feed for our status page, which often includes information about updates that have been or will be made (https://status.darksky.net/). We'll do our very best to make sure we communicate them as we're able to. Additionally, to avoid future disruptions we strongly recommend switching to one of the following, which should carry you through any of the additional security updates that will be applied in the near future:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
我不知道我需要对 'update TLS' 的代码进行哪些更改,而且我似乎无法从 darksky 获得更多信息。与此同时,我的警报系统处于停止状态。
有一件事我不明白,如果我在浏览器中输入 URL:
https://api.darksky.net/forecast/my-api-key/38.329444, -87.412778
它工作正常,立即 returns 一个巨大的 JSON 预测字符串。在代码中使用 HttpWebRequest、HttpClient 或 WebClient 尝试此操作会导致不同的 "errors occurred" 异常。总的来说,我宁愿将库用于易于解释的返回 Forecast 对象。
这个 TLS 更新是我在开发环境之外的系统级别进行的吗?
或者,有没有我可以切换到 darksky 的替代品?
您有两个选择:
1:更新你正在使用的库并重新编译。此问题已在其 github 页面上报告:
https://github.com/jcheng31/DarkSkyApi/issues/28
2:这有点工作,但您可以将预测模块移动到 Linux/Raspberry Pi,那里已经配置了 TLS12。您必须重写 Python 中的例程才能执行此操作。我验证了这种方法适用于我自己的 PI 网络。
我一直在为 darksky 使用这个 C# 库包装器 API:
https://github.com/amweiss/dark-sky-core
在我的实现中,我每 3 分钟轮询一次以获取我在家庭恒温器网络中使用的预测:
async void GetForecast()
{
// https://darksky.net/dev/docs#forecast-request
float Temp, DewPoint, WindSpeed, WindChill, Humidity, HeatIndex;
var client = new DarkSkyService("user-api-key");
try
{
Forecast fc = await client.GetWeatherDataAsync(38.329444, -87.412778);
Temp = (float)Math.Floor(fc.Currently.Temperature);
PublishTemp(Temp);
// for database, get temp, dewpoint, calculate windchill, calculate heatindex
DewPoint = (float)fc.Currently.DewPoint;
WindSpeed = (float)fc.Currently.WindSpeed;
Humidity = (float)fc.Currently.Humidity; // range: 0-1
WindChill = (float)CalculateWindChill(Temp, WindSpeed);
HeatIndex = (float)CalculateHeatIndex(Temp, Humidity);
SaveToDatabase(Temp, DewPoint, WindChill, HeatIndex);
RxForecast = true;
if (DateTime.Now.Hour != LastForecastHour)
{
LatestForecast = fc;
LastForecastHour = DateTime.Now.Hour;
PublishForecasts();
}
}
catch (Exception s) {
RxForecast = false;
}
ForecastWaitTime = RxForecast ? FAST_FORECAST_CYCLE : SLOW_FORECAST_CYCLE;
}
在一周前突然停止工作之前,它已经工作了大约 4 个月。 Darksky 支持表示他们最近实施了安全更新,不再支持大多数常见的 TLS 密码(引用):
- TLS 1.0
- TLS 1.1
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_256_GCM_SHA384
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA
You can definitively determine whether your app works with the new SSL permissions by testing against
https://api.darksky.net:4433/. If you decide to update SSL on your end, you can test the API by sending a request here: https://api.darksky.net:4433/v1/status.txt.
Note that we will be making additional security-related updates in the coming weeks so there will be more changes in the near future. We don't have a notification system for alerting users to changes made on our backend but we do offer a feed for our status page, which often includes information about updates that have been or will be made (https://status.darksky.net/). We'll do our very best to make sure we communicate them as we're able to. Additionally, to avoid future disruptions we strongly recommend switching to one of the following, which should carry you through any of the additional security updates that will be applied in the near future:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
我不知道我需要对 'update TLS' 的代码进行哪些更改,而且我似乎无法从 darksky 获得更多信息。与此同时,我的警报系统处于停止状态。
有一件事我不明白,如果我在浏览器中输入 URL:
https://api.darksky.net/forecast/my-api-key/38.329444, -87.412778
它工作正常,立即 returns 一个巨大的 JSON 预测字符串。在代码中使用 HttpWebRequest、HttpClient 或 WebClient 尝试此操作会导致不同的 "errors occurred" 异常。总的来说,我宁愿将库用于易于解释的返回 Forecast 对象。
这个 TLS 更新是我在开发环境之外的系统级别进行的吗?
或者,有没有我可以切换到 darksky 的替代品?
您有两个选择:
1:更新你正在使用的库并重新编译。此问题已在其 github 页面上报告:
https://github.com/jcheng31/DarkSkyApi/issues/28
2:这有点工作,但您可以将预测模块移动到 Linux/Raspberry Pi,那里已经配置了 TLS12。您必须重写 Python 中的例程才能执行此操作。我验证了这种方法适用于我自己的 PI 网络。