如何解决如何解决Scala调用中的https连接问题?
我正在尝试下载我的Facebook个人资料图像。我成功地使用oauth连接并获取所有正确的令牌,facebook API告诉我个人资料图片的网址。
但是,当我尝试检索它时,出现关于连接异常的错误。看起来像个骗子,但我不确定。我提供了一些scala代码,这些代码显示了如何下载图像。如果更改为http,我可以得到它,但是https失败。
在另一台服务器上进行更深入的研究表明该问题是由于SSL / TLS验证引起的。
Sep 19 12:38:23 ip-172-31-24-217 server: 12:38:23.449 [New I/O worker #2] DEBUG c.n.h.c.p.n.NettyAsyncHttpProvider - Unexpected I/O exception on channel [id: 0x4b7d650e,/172.31.24.217:47572 => scontent-syd2-1.xx.fbcdn.net/157.240.8.23:443]
Sep 19 12:38:23 ip-172-31-24-217 server: org.jboss.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record:
我正在使用数据绑定程序分发的0.11.2。
build.sbt
name := "url-test"
organization := "dev.undrewb"
version := "0.0.1"
scalaVersion := "2.11.12"
resolvers ++= Seq(
"Sonatype scala-tools releases" at "https://oss.sonatype.org/content/repositories/releases","Sonatype scala-tools snapshots" at "https://oss.sonatype.org/content/repositories/snapshots"
)
libraryDependencies ++= {
Seq(
"net.databinder.dispatch" %% "dispatch-core" % "0.11.2"
)
}
标量代码
import dispatch.Defaults._
import dispatch._
import scala.concurrent.Await
import scala.concurrent.duration._
def fetchUrl( uri : String ) : Array[Byte] = {
val svc = url(uri)
val future_img = Http(svc OK as.Bytes)
Await.result(future_img,Duration(1,"seconds"))
future_img()
}
在完成上述build.sbt的sbt控制台并粘贴上面的代码之后,我得到以下内容-首先是https失败,然后是http正常工作
java.net.ConnectException: https://scontent-syd2-1.xx.fbcdn.net/v/t1.0-1/p200x200/12347856_10153070551591710_2899469599397194349_n.jpg?_nc_cat=105&_nc_sid=dbb9e7&_nc_ohc=1wqEuhGf4S4AX_iqRx5&_nc_ht=scontent-syd2-1.xx&tp=6&oh=4a792c1f0f4eded4ff2516efdfb056ab&oe=5F8D2DC4
at com.ning.http.client.providers.netty.NettyConnectListener.operationComplete(NettyConnectListener.java:103)
at org.jboss.netty.channel.DefaultChannelFuture.notifyListener(DefaultChannelFuture.java:427)
at org.jboss.netty.channel.DefaultChannelFuture.notifyListeners(DefaultChannelFuture.java:413)
at org.jboss.netty.channel.DefaultChannelFuture.setFailure(DefaultChannelFuture.java:380)
at org.jboss.netty.handler.ssl.SslHandler.channelDisconnected(SslHandler.java:641)
at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:102)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
at org.jboss.netty.channel.Channels.fireChannelDisconnected(Channels.java:396)
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.close(AbstractNioWorker.java:360)
at org.jboss.netty.channel.socket.nio.NioClientSocketPipelineSink.eventSunk(NioClientSocketPipelineSink.java:58)
at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendDownstream(DefaultChannelPipeline.java:779)
at org.jboss.netty.channel.Channels.close(Channels.java:828)
at org.jboss.netty.handler.ssl.SslHandler$ClosingChannelFutureListener.operationComplete(SslHandler.java:1647)
at org.jboss.netty.channel.DefaultChannelFuture.notifyListener(DefaultChannelFuture.java:427)
at org.jboss.netty.channel.DefaultChannelFuture.addListener(DefaultChannelFuture.java:145)
at org.jboss.netty.handler.ssl.SslHandler.closeOutboundAndChannel(SslHandler.java:1607)
at org.jboss.netty.handler.ssl.SslHandler.handleDownstream(SslHandler.java:580)
at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:591)
at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendDownstream(DefaultChannelPipeline.java:784)
at org.jboss.netty.handler.codec.oneone.OneToOneEncoder.handleDownstream(OneToOneEncoder.java:54)
at org.jboss.netty.handler.codec.http.HttpClientCodec.handleDownstream(HttpClientCodec.java:97)
at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:591)
at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendDownstream(DefaultChannelPipeline.java:784)
at org.jboss.netty.handler.stream.ChunkedWriteHandler.handleDownstream(ChunkedWriteHandler.java:109)
at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:591)
at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:582)
at org.jboss.netty.channel.Channels.close(Channels.java:812)
at org.jboss.netty.channel.AbstractChannel.close(AbstractChannel.java:197)
at com.ning.http.client.providers.netty.NettyAsyncHttpProvider.exceptionCaught(NettyAsyncHttpProvider.java:1621)
at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
at org.jboss.netty.handler.stream.ChunkedWriteHandler.handleUpstream(ChunkedWriteHandler.java:142)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
at org.jboss.netty.handler.codec.frame.FrameDecoder.exceptionCaught(FrameDecoder.java:377)
at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)
at org.jboss.netty.handler.codec.http.HttpClientCodec.handleUpstream(HttpClientCodec.java:92)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
at org.jboss.netty.handler.ssl.SslHandler.exceptionCaught(SslHandler.java:692)
at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
at org.jboss.netty.channel.Channels.fireExceptionCaught(Channels.java:525)
at org.jboss.netty.channel.AbstractChannelSink.exceptionCaught(AbstractChannelSink.java:48)
at org.jboss.netty.channel.DefaultChannelPipeline.notifyHandlerException(DefaultChannelPipeline.java:658)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:566)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:268)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:255)
at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:88)
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)
at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:318)
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)
at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)
at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)
at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.nio.channels.ClosedChannelException
... 58 more
scala> fetchUrl("http://scontent-syd2-1.xx.fbcdn.net/v/t1.0-1/p200x200/12347856_10153070551591710_2899469599397194349_n.
jpg?_nc_cat=105&_nc_sid=dbb9e7&_nc_ohc=1wqEuhGf4S4AX_iqRx5&_nc_ht=scontent-syd2-1.xx&tp=6&oh=4a792c1f0f4eded4ff2516efdfb
056ab&oe=5F8D2DC4")
res2: Array[Byte] = Array(-1,-40,-1,-32,16,74,70,73,1,-19,-100,80,104,111,116,115,112,32,51,46,48,56,66,77,4,-128,28,2,103,20,107,50,105,81,53,57,85,55,72,45,110,119,106,75,40,98,68,97,49,99,52,102,100,101,54,-37,67,6,5,7,...
主机具有有效证书
CONNECTED(00000003)
depth=2 C = US,O = DigiCert Inc,OU = www.digicert.com,CN = DigiCert High Assurance EV Root CA
verify return:1
depth=1 C = US,CN = DigiCert SHA2 High Assurance Server CA
verify return:1
depth=0 C = US,ST = California,L = Menlo Park,O = "Facebook,Inc.",CN = *.facebook.com
verify return:1
---
Certificate chain
0 s:C = US,CN = *.facebook.com
i:C = US,CN = DigiCert SHA2 High Assurance Server CA
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgIQBP9oEb4kGs9BMY21buXJQzANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0yMDA5MTEwMDAwMDBaFw0yMDEyMTAxMjAwMDBa
MGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
ZW5sbyBQYXJrMRcwFQYDVQQKEw5GYWNlYm9vaywgSW5jLjEXMBUGA1UEAwwOKi5m
YWNlYm9vay5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATgjOhxMDZGg5LV
u/T5dwcouQKPyimRsyf3yG+EW8fB/4VawzbLmAb3CFZ/n1HMidUKftFyQk/UbEww
+IKgmC1co4IDjDCCA4gwHwYDVR0jBBgwFoAUUWj/kK8CB3U8zNllZGKiErhZcjsw
HQYDVR0OBBYEFDxhuz8kAK+LugNR33YORK25aUYkMIG1BgNVHREEga0wgaqCDiou
ZmFjZWJvb2suY29tgg4qLmZhY2Vib29rLm5ldIILKi5mYmNkbi5uZXSCCyouZmJz
YnguY29tghAqLm0uZmFjZWJvb2suY29tgg8qLm1lc3Nlbmdlci5jb22CDioueHgu
ZmJjZG4ubmV0gg4qLnh5LmZiY2RuLm5ldIIOKi54ei5mYmNkbi5uZXSCDGZhY2Vi
b29rLmNvbYINbWVzc2VuZ2VyLmNvbTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9j
cmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5jcmwwNKAyoDCGLmh0
dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5jcmwwTAYD
VR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cu
ZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwgYMGCCsGAQUFBwEBBHcwdTAkBggr
BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFo
dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEySGlnaEFzc3Vy
YW5jZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIBBAYKKwYBBAHWeQIEAgSB
9QSB8gDwAHYAB7dcG+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6GmnTohwAAAF0fvOs
9AAABAMARzBFAiBONCB42DRZlMPy0xSgw/tzAOQadeVDnTq1PxbQ/GsriQIhAJuN
nJXIA+KDipeoKngAat7Bo8VfmGY7NgwBNA2THxLwAHYA8JWkWfIA0YJAEC0vk4iO
rUv+HUfjmeHQNKawqKqOsnMAAAF0fvOs7QAABAMARzBFAiA63VWVorIwBlCI1O21
//ajHhTZJujhvoyh4i50OWJVAgIhAPochdnO5gjYAJ2xx0EsaNXyRvR8cxfYaQVk
7VBLyiNMMA0GCSqGSIb3DQEBCwUAA4IBAQCC9qVioarSmo3+QJITcM8qOtgYX0Bt
AS/VpT5Rm/vUT95bhxU6DpNqx1vtTL6vL6ajqor03pQdwwgB+0zzsAGuZzGjEoe6
YoI6ZQMnxTO+lUXV8UybO8SdLBsmnR8s2D8mLbYGPB3xauLmOPceZlXPrmCyEwBs
e7FfJRPy3P6fbBNvQ/YtLcWsvYV2+MNPo/0FglcmmXhRvZBF9eBP+ifLYGtL+rPC
QkoyWb7pxz6IvJ7+iQ1qbQROCTcKImhS41wWo37rAfKcwdsQy0iXZ+Zh9rrzmzIN
1TLCBbwRHzxEV/tTNaNNZFq6U+/VUw20wlXgtjS8slC6Q14DMxJGYG/I
-----END CERTIFICATE-----
1 s:C = US,CN = DigiCert SHA2 High Assurance Server CA
i:C = US,CN = DigiCert High Assurance EV Root CA
-----BEGIN CERTIFICATE-----
MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBs
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDEL
MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3Vy
YW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2
4C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMIC
Kq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1
itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn
4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0X
sh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcft
bZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA
MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
dC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29t
L0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIG
BFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
UzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7D
aQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwd
aOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNH
E+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly
/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zu
xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF
0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0Ae
cPUeybQ=
-----END CERTIFICATE-----
---
Server certificate
subject=C = US,CN = *.facebook.com
issuer=C = US,CN = DigiCert SHA2 High Assurance Server CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519,253 bits
---
SSL handshake has read 3121 bytes and written 384 bytes
Verification: OK
---
New,TLSv1.3,Cipher is TLS_CHACHA20_POLY1305_SHA256
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_CHACHA20_POLY1305_SHA256
Session-ID: FBAB4FB69334711C0C8C616688003A1CE0551E64ED120A0FD5C6BFD65F4D2349
Session-ID-ctx:
Resumption PSK: CB947853006B7F175038EE259A9D4F38122A42563032F91E39B5D16E20542418
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 172800 (seconds)
TLS session ticket:
0000 - 6e d6 67 0a 39 a6 72 35-49 5d 26 dd 9c 94 87 cd n.g.9.r5I]&.....
0010 - a8 c3 f1 f6 cc b0 18 35-d9 ab 89 e5 df 59 da 59 .......5.....Y.Y
0020 - 00 00 00 00 17 02 74 d9-ed d1 a9 57 4a bd 14 f9 ......t....WJ...
0030 - da 2a 01 69 21 12 3e 60-d7 7b 6a 42 cf eb 2b 5b .*.i!.>`.{jB..+[
0040 - a6 4f fe 91 cb f7 2e 57-e0 d6 ad 29 94 3b ae fa .O.....W...).;..
0050 - f0 56 f5 63 b5 d9 53 ae-bf 13 96 87 3f a7 fe 78 .V.c..S.....?..x
0060 - 16 ac 3b ad 73 08 30 d6-a7 22 b9 6c 86 e5 a2 3c ..;.s.0..".l...<
0070 - 21 09 e9 0d bb bd 82 12-c0 62 c1 78 ab 97 67 64 !........b.x..gd
0080 - f3 e4 ..
Start Time: 1600520660
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 4294967295
---
访问其他https URL可以正常工作。
scala> fetchUrl("https://www.apilayer.net/api/live?access_key=<removed_my_key>&source=USD")
res7: Array[Byte] = Array(123,34,117,58,114,44,109,92,47,121,108,118,83,113,123,65,69,...
scala>
解决方法
不再维护调度数据绑定器。由于无法识别TLS 1.3,因此失败。我应该移到类似akka-http的地方。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。