我已经在谷歌上搜索/测试了各种选项更改,但仍然收到错误,并猜测我有问题。在dll中,这是代码。我使用了来自embacadero的restdebugger来测试它是否真的工作(values/url/response(返回一个带有承载令牌的JSON响应。
objHTTP := TidHTTP.Create(nil);
objHTTP.Response.KeepAlive := True;
objHTTP.Request.UserAgent := 'Mozilla/3.0 (compatible; Indy Library)';
objHTTP.Request.Accept := 'text/html,application/json,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8';
objHTTP.HTTPOptions := [hoForceEncodeParams];
objHTTP.ConnectTimeout := 60 * 1000;
objHTTP.ReadTimeout := 5 * 60 * 1000;
objHTTP.Request.ContentType := 'application/x-www-form-urlencoded';
objHTTP.Request.CharSet := 'utf-8';
objHTTP.Request.Connection := 'keep-alive';
objHTTP.HandleRedirects := True;
objHTTPIOHandler := TIdSSLIOHandlerSocketOpenSSL.Create();
objHTTPIOHandler.ReadTimeout := 5 * 60 * 1000;
objHTTPIOHandler.SSLOptions.Method := sslvTLSv1_2;
// objHTTPIOHandler.SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2];
objHTTPIOHandler.SSLOptions.Mode := sslmUnassigned; //(sslmUnassigned, sslmClient, sslmServer, sslmBoth)
objHTTPCompressor := TIdCompressorZLib.Create();
objHTTP.IOHandler := objHTTPIOHandler;
objHTTP.Compressor := objHTTPCompressor;
_ss := TStringStream.Create('client_id=' + 'clien_id' + '&'
+ 'client_secret=' + 'client_secret' + '&'
+ 'scope=' + 'api',
TEncoding.UTF8);
try
try
_ss.Position := 0;
result := objHTTP.Post('https://dev.corporate.com/oauth2/test/v1/token', _ss);
except
on E: Exception do
Result := 'Error';
// ShowMessage('Error on request: ' + #13#10 + e.Message);
end;
finally
_ss.Free;
end;
FreeAndNil(objHTTPIOHandler);
FreeAndNil(objHTTPCompressor);
FreeAndNil(objHTTP);
我查看了我的项目与服务器和rest调试器的连接,从顶部我看到我的项目是tls 1.0,rest调试器是tls 1.2
我删除了sslversions部分,并将方法设置为tls1.2,但fiddler仍然显示为1.0。在改变之前我需要更新indy吗?
A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
Version: 3.1 (TLS/1.0)
Random: 79 FE 3A F5 D6 1F 8F AA BE 10 DB 53 73 DB 08 97 BC 18 75 A6 8A 8C 60 69 FB D5 8B 93 C4 91 4B 75
"Time": 5/17/2100 7:42:33 PM
SessionID: empty
Extensions:
server_name dev.corporation.com
ec_point_formats uncompressed [0x0], ansiX962_compressed_prime [0x1], ansiX962_compressed_char2 [0x2]
supported_groups secp256r1 [0x17], secp521r1 [0x19], unknown [0x1c], unknown [0x1b], secp384r1 [0x18], unknown [0x1a], secp256k1 [0x16], sect571r1 [0xe], sect571k1 [0xd], sect409k1 [0xb], sect409r1 [0xc], sect283k1 [0x9], sect283r1 [0xa]
SessionTicket empty
heartbeat_rfc_6520 01
Ciphers:
[C014] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
[C00A] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
[0039] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
[0038] TLS_DHE_DSS_WITH_AES_256_CBC_SHA
[0037] TLS_DH_RSA_WITH_AES_256_CBC_SHA
[0036] TLS_DH_DSS_WITH_AES_256_CBC_SHA
[C00F] TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
[C005] TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
[0035] TLS_RSA_WITH_AES_256_CBC_SHA
[0088] TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
[0087] TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
[0086] TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA
[0085] TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA
[0084] TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
[C013] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
[C009] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
[0033] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
[0032] TLS_DHE_DSS_WITH_AES_128_CBC_SHA
[0031] TLS_DH_RSA_WITH_AES_128_CBC_SHA
[0030] TLS_DH_DSS_WITH_AES_128_CBC_SHA
[C00E] TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
[C004] TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
[002F] TLS_RSA_WITH_AES_128_CBC_SHA
[009A] TLS_DHE_RSA_WITH_SEED_CBC_SHA
[0099] TLS_DHE_DSS_WITH_SEED_CBC_SHA
[0098] TLS_DH_RSA_WITH_SEED_CBC_SHA
[0097] TLS_DH_DSS_WITH_SEED_CBC_SHA
[0045] TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
[0044] TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
[0043] TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
[0042] TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
[0096] TLS_RSA_WITH_SEED_CBC_SHA
[0041] TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
[0007] SSL_RSA_WITH_IDEA_SHA
[C011] TLS_ECDHE_RSA_WITH_RC4_128_SHA
[C007] TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
[C00C] TLS_ECDH_RSA_WITH_RC4_128_SHA
[C002] TLS_ECDH_ECDSA_WITH_RC4_128_SHA
[0005] SSL_RSA_WITH_RC4_128_SHA
[0004] SSL_RSA_WITH_RC4_128_MD5
[C012] TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
[C008] TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
[0016] SSL_DHE_RSA_WITH_3DES_EDE_SHA
[0013] SSL_DHE_DSS_WITH_3DES_EDE_SHA
[0010] SSL_DH_RSA_WITH_3DES_EDE_SHA
[000D] SSL_DH_DSS_WITH_3DES_EDE_SHA
[C00D] TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
[C003] TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
[000A] SSL_RSA_WITH_3DES_EDE_SHA
[00FF] TLS_EMPTY_RENEGOTIATION_INFO_SCSV
Compression:
[00] NO_COMPRESSION
restdebugger的响应:
A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
Version: 3.3 (TLS/1.2)
Random: 63 3C 8B E3 90 77 7F 1A 0F 0D B8 8C 6D 55 C8 97 9B AC 37 75 01 74 65 8B 14 A3 C4 47 6B 9A 8E 75
"Time": 12/21/2090 9:23:15 AM
SessionID: F4 1C 00 00 8D B2 EA 6F 00 37 9B 61 38 78 2E 8E 19 28 BD B9 C8 BE CC 63 70 3E 76 72 60 4E 61 EA
Extensions:
server_name dev.corporation.com
status_request OCSP - Implicit Responder
supported_groups x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18]
ec_point_formats uncompressed [0x0]
signature_algs rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha1, ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_sha1, dsa_sha1, rsa_pkcs1_sha512, ecdsa_secp521r1_sha512
SessionTicket empty
extended_master_secret empty
renegotiation_info 00
Ciphers:
[C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
[C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
[C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
[C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[C024] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
[C023] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
[C028] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
[C027] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
[C00A] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
[C009] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
[C014] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
[C013] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
[009D] TLS_RSA_WITH_AES_256_GCM_SHA384
[009C] TLS_RSA_WITH_AES_128_GCM_SHA256
[003D] TLS_RSA_WITH_AES_256_CBC_SHA256
[003C] TLS_RSA_WITH_AES_128_CBC_SHA256
[0035] TLS_RSA_WITH_AES_256_CBC_SHA
[002F] TLS_RSA_WITH_AES_128_CBC_SHA
[000A] SSL_RSA_WITH_3DES_EDE_SHA
Compression:
[00] NO_COMPRESSION
分配正确的ssliohandlerBONEHEADED编码错误。http、ssliohandler和压缩器有一组全局变量。我用自己的相同类型的变量和不同的名称创建了上面的。复制/粘贴/编辑。我将所有的obj…添加到变量的前面,除了在执行赋值objhttp.handler:=httpiohanlder时;httpiohandler是一个全局var,我断断续续地看了大约一个星期的代码。最后,在喝了几杯啤酒之后,我实际查看了代码,发现了问题,然后将其更改为在该函数范围内创建的objhttpiohandler。真是个愚蠢愚蠢的错误。从复制/粘贴/编辑。因此,现在显示的代码是固定的并且有效。感谢雷米让我意识到/理解Indy在正确使用时效果良好。