Note on reinstalling httpie for SSLv3 Handshake failure
source link: https://www.otsukare.info/2017/03/29/httpie-sslv3-handshake
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
I ran into this issue recently with httpie (The python code for doing http requests)
http --verbose GET https://ti.to/home
I was getting:
http: error: SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590) while doing GET request to URL: https://ti.to/home
Huh? Then tried curl
curl -v https://ti.to/home
We get.
* Trying 54.75.248.133...
* TCP_NODELAY set
* Connected to ti.to (54.75.248.133) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate: ti.to
* Server certificate: DigiCert ECC Extended Validation Server CA
* Server certificate: DigiCert High Assurance EV Root CA
GET /home HTTP/1.1
Host: ti.to
User-Agent: curl/7.51.0
Accept: */*
< HTTP/1.1 200 OK
< Server: Cowboy
< Date: Sat, 25 Mar 2017 06:20:39 GMT
< X-Frame-Options: SAMEORIGIN
< X-Xss-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Content-Type: text/html; charset=utf-8
< Etag: W/"730ab400103d08252b84003a4e7862ff"
< Cache-Control: max-age=0, private, must-revalidate
< Set-Cookie: _marketing-tito_session=S3NERVovbjJmcEYvTGhkSktzVkQyZ3I0TXBOQ1lxTCs5LzhVMlhBN2ZKL0pTSjZCTi94VUo4b3N5RDNweGt2ZWNZTHc4MitNeGdtbjUvZXQ0RjVic1lCMlE3NVk2V21GNGFnYVpXZzVBMnM1bHg3bXpUOW1MZ1R5MlR5UnY3cVB3bzhzZER1eGRNTlNXTFlUVVMxWEhnPT0tLUZCNWQrcE9JcmU0OXJOeUY4YXJ0QXc9PQ%3D%3D--e96126ac335694d135c6a13b2effb22b486380b3; path=/; HttpOnly; Secure
< X-Request-Id: ce6a6522-1780-4b85-8ff5-4eeea24f8fa4
< X-Runtime: 0.007563
< Transfer-Encoding: chunked
< Via: 1.1 vegur
< Strict-Transport-Security: max-age=15768000
<
<!doctype html>
<html lang="en">
So I searched a bit. And I needed to upgrade a couple of things.
http uninstall httpie
Then install the security update of requests. If you are wondering about --user, I do that all the time. It installs the 3rd party libraries in your own repo. It makes it safe when Apple upgrades python on your machine destroying all previous libraries installs.
pip install --user --upgrade requests[security]
This install a lot of stuff. Once done. You should get something like:
Successfully installed appdirs-1.4.3 asn1crypto-0.22.0 cffi-1.10.0 cryptography-1.8.1 idna-2.5 ipaddress-1.0.18 packaging-16.8 pyOpenSSL-16.2.0 pycparser-2.17 pyparsing-2.2.0 setuptools-34.3.2
pip install --user httpie
Which gives
Successfully installed httpie-0.9.9
Once done, you can check the state of things with
http --debug
This will spill out
HTTPie 0.9.9
Requests 2.13.0
Pygments 2.2.0
Python 2.7.10 (default, Jul 30 2016, 19:40:32)
[GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.34)]
/System/Library/Frameworks/Python.framework/Versions/2.7/Resources/Python.app/Contents/MacOS/Python
Darwin 16.4.0
<Environment { … cut for Brevity… }>
And now retrying the request
http --traceback --print h GET https://ti.to/home
We get the right thing
HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Mar 2017 06:33:23 GMT
Etag: W/"ecdab4c883db75bc7e811a4360f62700"
Server: Cowboy
Set-Cookie: _marketing-tito_session=YVlLeFBWMXhwNml2cW54dC8xMk9DV1ZocWxQZ3BhVUlLUmlNK25SNHVyMHVsVnFGR1FYNGQ5SFRTZUNvMDRUU1VKbkR4Y2J3VStoZUJ0TWpteGIrcTMrYk9PQ21wTk1YRlU3cjVibC9NeEdXUUNlWFNoMHJjT3NWbnllUVMrVDMwZWJOZlZPWWQwSElUcG44WE5rWkhnPT0tLTZQNVZxVTYxYVhGUGNUV1htc1Jqb2c9PQ%3D%3D--d457a62be9a95ddf7ed17c19e2e006ed0a185be2; path=/; HttpOnly; Secure
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: 7abb2983-4eee-46e0-8461-2d0b14f24056
X-Runtime: 0.008374
X-Xss-Protection: 1; mode=block
Otsukare!
Recommend
-
81
概述当使用httpclinet发起https请求时报如下错误:javax.net.ssl.SSLHandshakeException:Receivedfatalalert:handshake_failureatcom.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)atcom.sun.net.ssl.internal.
-
85
README.md HTTPie for curl If you like the interface of HTTPie but miss the features of curl, curl-httpie is what you are sear...
-
19
CVE-2014-3566 SSLv3 POODLE原理分析 insight-labs
-
19
Remotely reinstalling a node on CentOS 8 with DuD (Driver Disk Update /...
-
14
Thank you for not needlessly reinstalling customer boxes I love the little nuggets of folklore which sometimes get passed around tech support centers. Some of them have no connection to reality, but they still manage to bounce ar...
-
3
How macOS is more reliable, and doesn’t need reinstalling One of the worst longstanding problems with macOS has been its unreliability, and by that I’m not referring to bugs, but the fact that until a year ago you never knew whethe...
-
5
接口调用报错Server chose SSLv3, but that protocol v ...
-
8
<?xml encoding="utf-8" ??>Introduction One benefit of Vultr's cloud infrastructure is the ability to migrate to a more powerful server as your data and server loads increase. This Quickstart gui...
-
8
CentOS CBS infra and sslv3/Poodle important notificationAs most of you already know, there is an important SSLv3 vulnerability (CVE-2014-3566 - see https://access.redhat.com/articles/1232123) , known as Poodle. While it's easy to disabl...
-
8
Need help reinstalling MacOS R
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK