若能与你化作星座,一起描绘星空中的梦想。|

janbar

园龄:4年5个月 粉丝:29 关注:10

2020-11-16 20:49 阅读 4174 评论 0 推荐 1

各种编程语言忽略http的SSL证书认证

前言

我们内部测试的http服务器很多时候证书都是没有经过第三方认证的,我们发送http请求基本上都是忽略证书认证。
我总结了一下常用编程语言使用http请求时忽略证书认证的代码片段,记录一下下。

代码

go语言

copy
func httpPost(url, body string) ([]byte, error) { req, err := http.NewRequest(http.MethodPost, urlPre+url, strings.NewReader(body)) if err != nil { return nil, err } req.Header.Add("Content-Type", "application/x-www-form-urlencoded") client := &http.Client{ // 忽略证书验证 Transport: &http.Transport{ TLSClientConfig: &tls.Config{ InsecureSkipVerify: true, }, }, } resp, err := client.Do(req) if resp != nil { defer resp.Body.Close() } if err != nil { return nil, err } data, err := ioutil.ReadAll(resp.Body) if err != nil { return nil, err } return data, nil }

Python语言

copy
import json import requests try: # verify = False 表示忽略证书 response = requests.post("http://www.baidu.com/",verify = False, headers = header, data = "") data = json.loads(response.text) print(data) except Exception as e: print('error:', e)

Ruby语言

copy
require 'rest-client' require 'json' begin # :verify_ssl => OpenSSL::SSL::VERIFY_NONE 表示忽略证书 resp = RestClient::Request.execute(method: :post, url: "http://www.baidu.com/", payload: "", headers: headers, :verify_ssl => OpenSSL::SSL::VERIFY_NONE) data = JSON.parse(resp.body) puts(data) rescue => e puts("#{e.class}, #{e.message}") end

Java语言

copy
package iotp; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStream; import java.net.MalformedURLException; import java.net.URL; import java.security.cert.X509Certificate; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSession; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; public class janbar { public static void main(String[] args) { trustAllHosts(); // 只在开头执行一次即可 String data = httpPost("http://www.baidu.com/", ""); System.out.println(data); } public static String httpPost(String httpUrl, String param) { HttpsURLConnection connection = null; InputStream is = null; OutputStream os = null; BufferedReader br = null; String result = null; try { // 通过远程url连接对象打开连接 connection = (HttpsURLConnection) new URL(urlPre + httpUrl).openConnection(); // 忽略证书认证 connection.setHostnameVerifier(DO_NOT_VERIFY); // 设置连接请求方式 connection.setRequestMethod("POST"); // 设置连接主机服务器超时时间:15000毫秒 connection.setConnectTimeout(15000); // 设置读取主机服务器返回数据超时时间:60000毫秒 connection.setReadTimeout(60000); // 默认值为:false,当向远程服务器传送数据/写数据时,需要设置为true connection.setDoOutput(true); // 默认值为:true,当前向远程服务读取数据时,设置为true,该参数可有可无 connection.setDoInput(true); // 设置传入参数的格式:请求参数应该是 name1=value1&name2=value2 的形式。 connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); // 通过连接对象获取一个输出流 os = connection.getOutputStream(); // 通过输出流对象将参数写出去/传输出去,它是通过字节数组写出的 os.write(param.getBytes()); // 通过连接对象获取一个输入流,向远程读取 if (connection.getResponseCode() == 200) { is = connection.getInputStream(); // 对输入流对象进行包装:charset根据工作项目组的要求来设置 br = new BufferedReader(new InputStreamReader(is, "UTF-8")); StringBuffer sbf = new StringBuffer(); String temp = null; // 循环遍历一行一行读取数据 while ((temp = br.readLine()) != null) { sbf.append(temp); sbf.append("\r\n"); } result = sbf.toString(); } } catch (MalformedURLException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } finally { // 关闭资源 if (null != br) { try { br.close(); } catch (IOException e) { e.printStackTrace(); } } if (null != os) { try { os.close(); } catch (IOException e) { e.printStackTrace(); } } if (null != is) { try { is.close(); } catch (IOException e) { e.printStackTrace(); } } // 断开与远程地址url的连接 connection.disconnect(); } return result; } private static void trustAllHosts() { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new java.security.cert.X509Certificate[] {}; } public void checkClientTrusted(X509Certificate[] chain, String authType) { } public void checkServerTrusted(X509Certificate[] chain, String authType) { } } }; // Install the all-trusting trust manager try { SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (Exception e) { e.printStackTrace(); } } private final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }; }

PHP语言

copy
<?php function httpPost($url, $content) { $ch = curl_init(); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // 跳过证书检查 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); // 从证书中检查SSL加密算法是否存在 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type','application/x-www-form-urlencoded')); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $content); $response = curl_exec($ch); if($error=curl_error($ch)){ die($error); } curl_close($ch); return $response; } $data = httpPost("http://www.baidu.com/", ""); $data = json_decode($data, true); var_dump($data);

C#语言

copy
using System; using System.Collections.Generic; using System.Text; using System.Net; using System.IO; namespace SundrayApi { class Program { static void Main(string[] args) { string data = apiPost("http://www.baidu.com/", ""); Console.WriteLine(data); Console.ReadLine(); } static string apiPost(string url, string body) { string content = string.Empty; try { /* 跳过ssl验证 */ ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true; HttpWebRequest request = HttpWebRequest.Create(preUrl + url) as HttpWebRequest; request.Method = "POST"; request.ContentType = "application/x-www-form-urlencoded"; byte[] data = Encoding.UTF8.GetBytes(body); Stream newStream = request.GetRequestStream(); newStream.Write(data, 0, data.Length); newStream.Close(); HttpWebResponse response = (HttpWebResponse)request.GetResponse(); Stream stream = response.GetResponseStream(); StreamReader reader = new StreamReader(stream, Encoding.UTF8); content = reader.ReadToEnd(); reader.Close(); response.Close(); } catch (Exception ex) { content = ex.ToString(); } return content; } } }

C/C++语言

c语言需要编译一下下,如下流程即可。
wget https://curl.haxx.se/download/curl-7.73.0.tar.gz
./configure
make
gcc test.c -l curl -L /root/c/curl/curl-7.73.0/lib/.libs -I /root/c/curl/curl-7.73.0/include

copy
#include <stdio.h> #include <stdlib.h> #include <string.h> #include <curl/curl.h> typedef struct { char *memory; size_t size; } MemoryStruct; static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp) { size_t realsize = size * nmemb; MemoryStruct *mem = (MemoryStruct *)userp; char *ptr = realloc(mem->memory, mem->size + realsize + 1); if(ptr == NULL) { /* out of memory! */ printf("not enough memory (realloc returned NULL)\n"); return 0; } mem->memory = ptr; memcpy(&(mem->memory[mem->size]), contents, realsize); mem->size += realsize; mem->memory[mem->size] = 0; return realsize; } int httpPost(const char *url, char *data, int size) { int ret = -1; if(url == NULL || data == NULL){ return ret; } CURL *curl = curl_easy_init(); struct curl_slist* headers; long retcode = 0; MemoryStruct chunk; chunk.size = 0; chunk.memory = malloc(1); headers = curl_slist_append(headers, "Content-Type: application/x-www-form-urlencoded"); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0); curl_easy_setopt(curl, CURLOPT_POST, 1); curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data); curl_easy_setopt(curl, CURLOPT_URL, url); curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback); curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&chunk); CURLcode res = curl_easy_perform(curl); curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &retcode); if (res == CURLE_OK && retcode == 200) { ret = 0; if (chunk.size > 0) { if (chunk.size > size) chunk.size = size - 1; /* 超出限制,不拷贝 */ memcpy(data, chunk.memory, chunk.size); } data[chunk.size] = 0; /* 结束符 */ } else { ret = -2; } curl_easy_cleanup(curl); free(chunk.memory); return ret; } int main(int argc, char *argv[]) { int url_len = 128, data_len = 2048; char *url = (char *)malloc(sizeof(char) * url_len); char *data = (char *)malloc(sizeof(char) * data_len); strcpy(url, "http://www.baidu.com/"); strcpy(data, ""); int ret = httpPost(url, data, data_len); if (ret != 0) { return ret; } printf("[%s]\n\n",data); return 0; }

shell语言

copy
#!/bin/bash # 使用 -k 参数忽略证书 data=$(curl -s -k "http://www.baidu.com/" -d "") echo "$data"

总结

把常用编程语言的http忽略证书代码做个笔记,方便以后再来查看。本来想写写lua的,但是lua连socket都得编译个库来搞,还是以后有需求再搞搞吧。
另外再附上https跳过证书校验底层原理

posted @   janbar  阅读(4174)  评论(0编辑  收藏  举报
编辑推荐:
· .NET Core 托管堆内存泄露/CPU异常的常见思路
· PostgreSQL 和 SQL Server 在统计信息维护中的关键差异
· C++代码改造为UTF-8编码问题的总结
· DeepSeek 解答了困扰我五年的技术问题
· 为什么说在企业级应用开发中,后端往往是效率杀手?
阅读排行:
· 10亿数据,如何做迁移?
· 清华大学推出第四讲使用 DeepSeek + DeepResearch 让科研像聊天一样简单!
· 推荐几款开源且免费的 .NET MAUI 组件库
· 易语言 —— 开山篇
· Trae初体验

FAVOURITE

点击右上角即可分享
微信分享提示
*✧⁺˚⁺ପ(๑・ω・)੭ु⁾⁾ 好好学习天天向上
进入亮色模式
进入亮色模式

FAVOURITE