MasterColor
commented
6 years ago Closed MasterColor closed 6 years ago
MasterColor
commented
6 years ago 
ly0
commented
6 years ago MasterColor
commented
6 years ago 为什么要这么做呢, 这个链接的证书不可信吗? 我改成http之后倒是可以用了 不会百度的 这种对外链接用的是 自签名证书吧
ly0
commented
6 years ago 倒不是baidu用自签,是库的锅,可以参考一下这个 https://github.com/requests/requests/issues/3859
MasterColor
commented
6 years ago 那这个 有没有考虑过中间人攻击或者其他类似的 攻击场景呢
MasterColor
commented
6 years ago 顺便问一句, 这个是百度网盘的官方SDK吗? 百度网盘有没有java SDK ,有没有接口文档?
ly0
commented
6 years ago 肯定不是官方的SDK啦,这个只是python的ssl库的一个bug,并不会导致MITM问题。 其他的不大清楚。
Traceback (most recent call last): File "C:\Python34\lib\site-packages\urllib3\connectionpool.py", line 601, in urlopen chunked=chunked) File "C:\Python34\lib\site-packages\urllib3\connectionpool.py", line 346, in _make_request self._validate_conn(conn) File "C:\Python34\lib\site-packages\urllib3\connectionpool.py", line 850, in _validate_conn conn.connect() File "C:\Python34\lib\site-packages\urllib3\connection.py", line 326, in connect sslcontext=context) File "C:\Python34\lib\site-packages\urllib3\util\ssl.py", line 329, in ssl_wrap_socket return context.wrap_socket(sock, server_hostname=server_hostname) File "C:\Python34\lib\ssl.py", line 344, in wrap_socket _context=self) File "C:\Python34\lib\ssl.py", line 540, in init self.do_handshake() File "C:\Python34\lib\ssl.py", line 767, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "C:\Python34\lib\site-packages\requests\adapters.py", line 440, in send timeout=timeout File "C:\Python34\lib\site-packages\urllib3\connectionpool.py", line 639, in urlopen _stacktrace=sys.exc_info()[2]) File "C:\Python34\lib\site-packages\urllib3\util\retry.py", line 388, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='passport.baidu.com', port=443): Max retries exceeded with url: /v2/api/?getapi&tpl=mn&apiver=v3&class=login&tt=1513825770&logintype=dialogLogin&callback=0 (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)'),))
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "<pyshell#7>", line 1, in
pcs = PCS('xxxxxx','xxxxx')
File "C:\Python34\lib\site-packages\baidupcsapi\api.py", line 501, in init
verify_func=verify_callback)
File "C:\Python34\lib\site-packages\baidupcsapi\api.py", line 169, in init
self._initiate()
File "C:\Python34\lib\site-packages\baidupcsapi\api.py", line 227, in _initiate
self.user['token'] = self._get_token()
File "C:\Python34\lib\site-packages\baidupcsapi\api.py", line 256, in _get_token
time.time())).text.replace('\'', '\"')
File "C:\Python34\lib\site-packages\requests\sessions.py", line 521, in get
return self.request('GET', url, kwargs)
File "C:\Python34\lib\site-packages\requests\sessions.py", line 508, in request
resp = self.send(prep, send_kwargs)
File "C:\Python34\lib\site-packages\requests\sessions.py", line 618, in send
r = adapter.send(request, **kwargs)
File "C:\Python34\lib\site-packages\requests\adapters.py", line 506, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='passport.baidu.com', port=443): Max retries exceeded with url: /v2/api/?getapi&tpl=mn&apiver=v3&class=login&tt=1513825770&logintype=dialogLogin&callback=0 (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)'),))