ssl 如何在Python 3x中创建一个简单的HTTPS服务器

bprjcwpo  于 12个月前  发布在  Python
关注(0)|答案(1)|浏览(170)

我如何才能创建最好的python服务器,它只会收到一个响应,然后就死了?
我试过this,但由于一些方法被弃用,我对它做了一些修改。

import http.server
from ssl import SSLContext

class MyHandler(http.server.SimpleHTTPRequestHandler):
    def do_POST(self):
        content_length = int(self.headers['Content-Length'])
        post_data = self.rfile.read(content_length)
        print(post_data.decode('utf-8'))

server_address = ('127.0.0.1', 5000)

httpd = http.server.HTTPServer(server_address, http.server.SimpleHTTPRequestHandler)
httpd.socket = SSLContext().wrap_socket(sock=httpd.socket,
                                        server_side=True,
                                        do_handshake_on_connect=False,
                                        suppress_ragged_eofs=True)
httpd.serve_forever()

字符串
但它不起作用。

C:\Users\mikha\Desktop\Mika\Projects\yummy_slack\test_1.py:14: DeprecationWarning: ssl.SSLContext() without protocol argument is deprecated.
  httpd.socket = SSLContext().wrap_socket(sock=httpd.socket,
C:\Users\mikha\Desktop\Mika\Projects\yummy_slack\test_1.py:14: DeprecationWarning: ssl.PROTOCOL_TLS is deprecated
  httpd.socket = SSLContext().wrap_socket(sock=httpd.socket,
----------------------------------------
Exception occurred during processing of request from ('127.0.0.1', 51828)
Traceback (most recent call last):
  File "C:\Program Files\Python310\lib\socketserver.py", line 316, in _handle_request_noblock
    self.process_request(request, client_address)
  File "C:\Program Files\Python310\lib\socketserver.py", line 347, in process_request
    self.finish_request(request, client_address)
  File "C:\Program Files\Python310\lib\socketserver.py", line 360, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "C:\Program Files\Python310\lib\http\server.py", line 668, in __init__
    super().__init__(*args, **kwargs)
  File "C:\Program Files\Python310\lib\socketserver.py", line 747, in __init__
    self.handle()
  File "C:\Program Files\Python310\lib\http\server.py", line 433, in handle
    self.handle_one_request()
  File "C:\Program Files\Python310\lib\http\server.py", line 401, in handle_one_request
    self.raw_requestline = self.rfile.readline(65537)
  File "C:\Program Files\Python310\lib\socket.py", line 705, in readinto
    return self._sock.recv_into(b)
  File "C:\Program Files\Python310\lib\ssl.py", line 1274, in recv_into
    return self.read(nbytes, buffer)
  File "C:\Program Files\Python310\lib\ssl.py", line 1130, in read
    return self._sslobj.read(len, buffer)
ssl.SSLError: [SSL: NO_SHARED_CIPHER] no shared cipher (_ssl.c:2578)
----------------------------------------


并且此错误在一排端口中持续存在。
我不是网络方面的天才,但我真的很想知道这里出了什么问题。
主要任务是从Slack OAuth链接接收重定向的响应。

UPD:我尝试使用证书和密钥,当启动服务器时。但脚本卡在load_cert_chain上。没有崩溃或其他问题。

我使用此命令创建证书和密钥openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365,示例如下:

import http.server
import ssl

class MyHandler(http.server.SimpleHTTPRequestHandler):
    def do_POST(self):
        content_length = int(self.headers['Content-Length'])
        post_data = self.rfile.read(content_length)
        print(post_data.decode('utf-8'))

server_address = ('127.0.0.1', 5000)
httpd = http.server.HTTPServer(server_address, MyHandler)

context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain(certfile="cert.pem", keyfile="key.pem")

httpd.socket = context.wrap_socket(httpd.socket, server_side=True)
httpd.serve_forever()

jmp7cifd

jmp7cifd1#

要创建简单的HTTPS服务器,您可以使用以下示例:

import http.server
import ssl

def get_ssl_context(certfile, keyfile):
    context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
    context.load_cert_chain(certfile, keyfile)
    context.set_ciphers("@SECLEVEL=1:ALL")
    return context

class MyHandler(http.server.SimpleHTTPRequestHandler):
    def do_POST(self):
        content_length = int(self.headers["Content-Length"])
        post_data = self.rfile.read(content_length)
        print(post_data.decode("utf-8"))

server_address = ("127.0.0.1", 5000)
httpd = http.server.HTTPServer(server_address, MyHandler)

context = get_ssl_context("cert.pem", "key.pem")
httpd.socket = context.wrap_socket(httpd.socket, server_side=True)

httpd.serve_forever()

字符串
cert.pemkey.pem是使用以下命令创建的:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem

**注意:**不要忘记将Common Name (e.g. server FQDN or YOUR name) []设置为127.0.0.1

运行此脚本将创建在127.0.0.1:5000上运行的服务器。
要测试它,您可以从其他终端发送此命令:

curl --cacert cert.pem -X POST -d "param1=value1&param2=value2" https://127.0.0.1:5000

相关问题