zoukankan      html  css  js  c++  java
  • 各种编程语言忽略http的SSL证书认证

    前言

    我们内部测试的http服务器很多时候证书都是没有经过第三方认证的,我们发送http请求基本上都是忽略证书认证。
    我总结了一下常用编程语言使用http请求时忽略证书认证的代码片段,记录一下下。

    代码

    go语言

    func httpPost(url, body string) ([]byte, error) {
        req, err := http.NewRequest(http.MethodPost, urlPre+url, strings.NewReader(body))
        if err != nil {
            return nil, err
        }
        req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
     
        client := &http.Client{ // 忽略证书验证
            Transport: &http.Transport{
                TLSClientConfig: &tls.Config{
                    InsecureSkipVerify: true,
                },
            },
        }
        resp, err := client.Do(req)
        if resp != nil {
            defer resp.Body.Close()
        }
        if err != nil {
            return nil, err
        }
     
        data, err := ioutil.ReadAll(resp.Body)
        if err != nil {
            return nil, err
        }
        return data, nil
    }
    

    Python语言

    import json
    import requests
    
    try:
        # verify = False 表示忽略证书
        response = requests.post("http://www.baidu.com/",verify = False, headers = header, data = "")
        data = json.loads(response.text)
        print(data)
    except Exception as e:
        print('error:', e)
    

    Ruby语言

    require 'rest-client'
    require 'json'
     
    begin
        # :verify_ssl => OpenSSL::SSL::VERIFY_NONE 表示忽略证书
        resp = RestClient::Request.execute(method: :post, url: "http://www.baidu.com/", payload: "", headers: headers, :verify_ssl => OpenSSL::SSL::VERIFY_NONE)
        data = JSON.parse(resp.body)
        puts(data)
    rescue => e
        puts("#{e.class}, #{e.message}")
    end
    

    Java语言

    package iotp;
     
    import java.io.BufferedReader;
    import java.io.IOException;
    import java.io.InputStream;
    import java.io.InputStreamReader;
    import java.io.OutputStream;
    import java.net.MalformedURLException;
    import java.net.URL;
    import java.security.cert.X509Certificate;
     
    import javax.net.ssl.HostnameVerifier;
    import javax.net.ssl.HttpsURLConnection;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLSession;
    import javax.net.ssl.TrustManager;
    import javax.net.ssl.X509TrustManager;
     
    public class janbar {
        public static void main(String[] args) {
            trustAllHosts(); // 只在开头执行一次即可
     
            String data = httpPost("http://www.baidu.com/", "");
            System.out.println(data);
        }
     
        public static String httpPost(String httpUrl, String param) {
            HttpsURLConnection connection = null;
            InputStream is = null;
            OutputStream os = null;
            BufferedReader br = null;
            String result = null;
            try {
                // 通过远程url连接对象打开连接
                connection = (HttpsURLConnection) new URL(urlPre + httpUrl).openConnection();
                // 忽略证书认证
                connection.setHostnameVerifier(DO_NOT_VERIFY);
                // 设置连接请求方式
                connection.setRequestMethod("POST");
                // 设置连接主机服务器超时时间:15000毫秒
                connection.setConnectTimeout(15000);
                // 设置读取主机服务器返回数据超时时间:60000毫秒
                connection.setReadTimeout(60000);
     
                // 默认值为:false,当向远程服务器传送数据/写数据时,需要设置为true
                connection.setDoOutput(true);
                // 默认值为:true,当前向远程服务读取数据时,设置为true,该参数可有可无
                connection.setDoInput(true);
                // 设置传入参数的格式:请求参数应该是 name1=value1&name2=value2 的形式。
                connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
                // 通过连接对象获取一个输出流
                os = connection.getOutputStream();
                // 通过输出流对象将参数写出去/传输出去,它是通过字节数组写出的
                os.write(param.getBytes());
                // 通过连接对象获取一个输入流,向远程读取
                if (connection.getResponseCode() == 200) {
                    is = connection.getInputStream();
                    // 对输入流对象进行包装:charset根据工作项目组的要求来设置
                    br = new BufferedReader(new InputStreamReader(is, "UTF-8"));
     
                    StringBuffer sbf = new StringBuffer();
                    String temp = null;
                    // 循环遍历一行一行读取数据
                    while ((temp = br.readLine()) != null) {
                        sbf.append(temp);
                        sbf.append("
    ");
                    }
                    result = sbf.toString();
                }
            } catch (MalformedURLException e) {
                e.printStackTrace();
            } catch (IOException e) {
                e.printStackTrace();
            } finally {
                // 关闭资源
                if (null != br) {
                    try {
                        br.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                if (null != os) {
                    try {
                        os.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                if (null != is) {
                    try {
                        is.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                // 断开与远程地址url的连接
                connection.disconnect();
            }
            return result;
        }
     
        private static void trustAllHosts() {
            // Create a trust manager that does not validate certificate chains
            TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return new java.security.cert.X509Certificate[] {};
                }
     
                public void checkClientTrusted(X509Certificate[] chain, String authType) {
                }
     
                public void checkServerTrusted(X509Certificate[] chain, String authType) {
                }
            } };
            // Install the all-trusting trust manager
            try {
                SSLContext sc = SSLContext.getInstance("TLS");
                sc.init(null, trustAllCerts, new java.security.SecureRandom());
                HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
     
        private final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        };
    }
    

    PHP语言

    <?php
    function httpPost($url, $content) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // 跳过证书检查
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); // 从证书中检查SSL加密算法是否存在
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type','application/x-www-form-urlencoded'));
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $content);
        $response = curl_exec($ch);
        if($error=curl_error($ch)){
            die($error);
        }
        curl_close($ch);
        return $response;
    }
    $data = httpPost("http://www.baidu.com/", "");
    $data = json_decode($data, true);
    var_dump($data);
    

    C#语言

    using System;
    using System.Collections.Generic;
    using System.Text;
    using System.Net;
    using System.IO;
     
    namespace SundrayApi
    {
        class Program
        {
            static void Main(string[] args)
            {
                string data = apiPost("http://www.baidu.com/", "");
                Console.WriteLine(data);
     
                Console.ReadLine();
            }
     
            static string apiPost(string url, string body)
            {
                string content = string.Empty;
                try
                {
                    /* 跳过ssl验证 */
                    ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true;
                    HttpWebRequest request = HttpWebRequest.Create(preUrl + url) as HttpWebRequest;
                    request.Method = "POST";
                    request.ContentType = "application/x-www-form-urlencoded";
                    byte[] data = Encoding.UTF8.GetBytes(body);
                    Stream newStream = request.GetRequestStream();
                    newStream.Write(data, 0, data.Length);
                    newStream.Close();
                    HttpWebResponse response = (HttpWebResponse)request.GetResponse();
                    Stream stream = response.GetResponseStream();
                    StreamReader reader = new StreamReader(stream, Encoding.UTF8);
                    content = reader.ReadToEnd();
                    reader.Close();
                    response.Close();
                }
                catch (Exception ex)
                {
                    content = ex.ToString();
                }
                return content;
            }
        }
    }
    

    C/C++语言

    c语言需要编译一下下,如下流程即可。
    wget https://curl.haxx.se/download/curl-7.73.0.tar.gz
    ./configure
    make
    gcc test.c -l curl -L /root/c/curl/curl-7.73.0/lib/.libs -I /root/c/curl/curl-7.73.0/include

    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <curl/curl.h>
     
    typedef struct {
      char *memory;
      size_t size;
    } MemoryStruct;
     
    static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
    {
      size_t realsize = size * nmemb;
      MemoryStruct *mem = (MemoryStruct *)userp;
     
      char *ptr = realloc(mem->memory, mem->size + realsize + 1);
      if(ptr == NULL) { /* out of memory! */
        printf("not enough memory (realloc returned NULL)
    ");
        return 0;
      }
      mem->memory = ptr;
      memcpy(&(mem->memory[mem->size]), contents, realsize);
      mem->size += realsize;
      mem->memory[mem->size] = 0;
      return realsize;
    }
     
    int httpPost(const char *url, char *data, int size)
    {
        int ret = -1;
        if(url == NULL || data == NULL){
            return ret;
        }
     
        CURL *curl = curl_easy_init();
        struct curl_slist* headers;
        long   retcode = 0;
     
        MemoryStruct chunk;
        chunk.size   = 0;
        chunk.memory = malloc(1);
     
        headers = curl_slist_append(headers, "Content-Type: application/x-www-form-urlencoded");
        curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
     
        curl_easy_setopt(curl, CURLOPT_POST, 1);
        curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
        curl_easy_setopt(curl, CURLOPT_URL, url);
        curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
        curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&chunk);
     
        CURLcode res = curl_easy_perform(curl);
        curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &retcode);
        if (res == CURLE_OK && retcode == 200) {
            ret = 0;
            if (chunk.size > 0) {
                if (chunk.size > size)
                    chunk.size = size - 1; /* 超出限制,不拷贝 */
                memcpy(data, chunk.memory, chunk.size);
            }
            data[chunk.size] = 0; /* 结束符 */
        } else {
            ret = -2;
        }
     
        curl_easy_cleanup(curl);
        free(chunk.memory);
        return ret;
    }
      
    int main(int argc, char *argv[])
    {
        int url_len = 128, data_len = 2048;
        char *url  = (char *)malloc(sizeof(char) * url_len);
        char *data = (char *)malloc(sizeof(char) * data_len);
     
        strcpy(url,  "http://www.baidu.com/");
        strcpy(data, "");
        int ret = httpPost(url, data, data_len);
        if (ret != 0) {
            return ret;
        }
        printf("[%s]
    
    ",data);
        return 0;
    }
    

    shell语言

    #!/bin/bash
    
    # 使用 -k 参数忽略证书
    data=$(curl -s -k "http://www.baidu.com/" -d "")
    echo "$data"
    

    总结

    把常用编程语言的http忽略证书代码做个笔记,方便以后再来查看。本来想写写lua的,但是lua连socket都得编译个库来搞,还是以后有需求再搞搞吧。
    另外再附上https跳过证书校验底层原理

  • 相关阅读:
    03_输出程序状态信息
    06_键盘事件
    Silverlight中引用图片的方式
    04_响应单点触控
    02_ListActive中响应事件 并LogCat输出
    批量插入更新的 sql语句
    07_重力倾斜度响应
    读取XML
    人生启示录效应篇之牢骚效应:凡是公司中有对工作发牢骚的人,那家公司或老板一定比没有这种人或有这种人而把牢骚埋在肚子里的公司要成功得多
    鼠标事件之JS
  • 原文地址:https://www.cnblogs.com/janbar/p/13987038.html
Copyright © 2011-2022 走看看