问题
Looking for some information regarding an SSL error while trying to get an auth token via box.net api v2.0.
I'm using Python 2.7, OpenSSL 1.0.1c, and the requests library.
payload = {"action":"get_auth_token", "api_key":self.box_apikey, "ticket":self.box_ticket['status'], "verify":False}
r = requests.get(self.box_secure_endpoint+"rest", params=payload)
File "/usr/lib/python2.7/site-packages/requests/api.py", line 65, in get
return request('get', url, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/safe_mode.py", line 39, in wrapped
return function(method, url, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/api.py", line 51, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 241, in request
r.send(prefetch=prefetch)
File "/usr/lib/python2.7/site-packages/requests/models.py", line 641, in send
raise SSLError(e)
requests.exceptions.SSLError: _ssl.c:316: Invalid SSL protocol variant specified.
Note:
- I'm also looking deeper into the
requestslib to see if there is some sort of work around of SSL ver request feature. - If I'm not mistaken, the second bit in a SSL cert should indicate the SSL version.
回答1:
You're seeing this error because you're sending in the verify argument as a URL parameter in the request, i.e. the actual URL you're hitting is
https://api.box.com/1.0/rest?action=get_auth_token&api_key=APIKEY&ticket=ticket&verify=False
verify should be sent in as a keyword argument with the actual call to the requests get function i.e.
r = requests.get(self.box_secure_endpoint+"rest", params=payload, verify=True)
回答2:
The issue lead to verifying server ssl version support (explicity ssl.PROTOCOL_SSLv3 | http://docs.python.org/2.7/library/ssl.html#ssl.wrap_socket).
I'm going to forward the request to the lib devs or create a patch to enable the functionality of explicitly specifying the protocol.
Thanks for your help. :)
来源:https://stackoverflow.com/questions/13479052/box-api-v2-ssl-version-python