这现在是hs-tls
中的一个修复错误。
在我可以使用必应翻译 API 之前,我必须获取访问令牌。这基本上相当于以下代码片段,从curl
开始工作正常
curl -Lp --data-urlencode client_id=$APPID
--data-urlencode client_secret=$SECRET
--data-urlencode scope='http://api.microsofttranslator.com'
--data-urlencode grant_type="client_credentials"
https://datamarket.accesscontrol.windows.net/v2/OAuth2-13
并立即使用一些包含令牌的 JSON 进行响应。请记住,即使是错误/格式错误的请求也会引发一些包含错误消息的响应,尽管通常也会引发 400 错误请求 HTTP 响应代码。
当我尝试在 Haskell 中复制它时,它会立即失败(重新格式化(:
*** Exception: FailedConnectionException2 "datamarket.accesscontrol.windows.net"
443 True <socket: 11>: hPutBuf: resource vanished (Broken pipe)
此外,当我尝试对不同的主机发出更简单的 (https( 请求时,一切都按预期工作。
当有人可以告诉我这里发生了什么时,这个问题就解决了。
如果你让它与另一个库一起工作,那也很有用,但不是这个问题的真正内容。
下面显示了一个自包含示例。
{-# LANGUAGE OverloadedStrings #-}
module Test where
import Control.Monad
import Data.Maybe
import Network.HTTP.Client as N
import Network.HTTP.Client.TLS as N
import qualified Data.ByteString.Lazy.Char8 as B
import qualified Data.ByteString.Char8 as BS
import Debug.Trace
badURL :: String
badURL = "https://datamarket.accesscontrol.windows.net/v2/OAuth2-13"
goodURL :: String
goodURL = "https://httpbin.org/post"
requestData :: [(BS.ByteString, BS.ByteString)]
requestData = [
("client_id", "APPID"),
("client_secret", "SECRETSECRET"),
("scope", "http://api.microsofttranslator.com"),
("grant_type", "client_credentials")]
mkReq :: String -> Request
mkReq url = urlEncodedBody requestData . fromJust $ parseUrl url
go :: String -> IO ()
go url = do
let addHeaders h r = r { requestHeaders = h ++ requestHeaders r }
headers = [("User-Agent", "curl/7.39.0")
,("Accept", "*/*")
]
req = addHeaders headers (mkReq url)
N.withManager N.tlsManagerSettings $ man -> do
resp <- httpLbs req man
guard (trace "wefwef" True)
B.putStrLn $ responseBody resp
return ()
{-
- *Main> go goodURL
- wefwef
- {
- "args": {},
- "data": "",
- "files": {},
- "form": {
- "client_id": "APPID",
- "client_secret": "SECRETSECRET",
- "grant_type": "client_credentials",
- "scope": "http://api.microsofttranslator.com"
- },
- "headers": {
- "Accept": "*/*",
- "Accept-Encoding": "gzip",
- "Connect-Time": "1",
- "Connection": "close",
- "Content-Length": "119",
- "Content-Type": "application/x-www-form-urlencoded",
- "Host": "httpbin.org",
- "Total-Route-Time": "0",
- "User-Agent": "curl/7.39.0",
- "Via": "1.1 vegur",
- "X-Request-Id": "3ed2de84-a1a3-4560-b7e3-f2dabfe45727"
- },
- "json": null,
- "origin": "108.85.134.2",
- "url": "https://httpbin.org/post"
- }
- *Main> go badURL
- *** Exception: FailedConnectionException2 "datamarket.accesscontrol.windows.net" 443 True <socket: 11>: hPutBuf: resource vanished (Broken pipe)
-}
编辑:
我也尝试过tls-simpleclient
和tls-retrievecertificate
,但也遇到了损坏的管道错误。
$ tls-simpleclient -d -v datamarket.accesscontrol.windows.net
sending query:
GET / HTTP/1.0
debug: >> Handshake [ClientHello TLS12 (ClientRandom "235=wnV156z143M168+n165`193217132G144204187178SOHG156EM195168251l232+") (Session Nothing) [107,103,57,51,56,50,47,53,4,5,10] [0] [(0,"NUL'NULNUL$datamarket.accesscontrol.windows.net"),(65281,"NUL")] Nothing]
debug: >> Alert [(AlertLevel_Fatal,InternalError)]
tls-simpleclient: send: resource vanished (Broken pipe)
$ .cabal-sandbox/bin/tls-retrievecertificate datamarket.accesscontrol.windows.net 443
connecting to datamarket.accesscontrol.windows.net on port 443 ...
tls-retrievecertificate: send: resource vanished (Broken pipe)
似乎 datamarket.accesscontrol.windows.net 不喜欢Haskell的TLS实现。
您可以通过执行以下操作来添加 TLS 数据包的日志记录:
在connection
包中,对Network/Connection.hs
进行以下更改
添加import Network.TLS ((Logging(..))
修改tlsEstablish
,如下所示:
tlsEstablish :: Handle -> TLS.ClientParams -> IO TLS.Context
tlsEstablish handle tlsParams = do
rng <- RNG.makeSystem
ctx <- TLS.contextNew handle tlsParams rng
+ let logging = def { loggingPacketSent = (s -> putStrLn $ "<-- sent packet " ++ s)
+ , loggingPacketRecv = (s -> putStrLn $ "--> recv packet " ++ s)
+ }
+ TLS.contextHookSetLogging ctx logging
TLS.handshake ctx
return ctx
执行go goodURL
时,您会看到以量:
<-- sent packet Handshake [ClientHello TLS12 ...
--> recv packet Handshake [ServerHello TLS12 ...
...
但是当你执行go badURL
时,你只会看到:
<-- sent packet Handshake [ClientHello TLS12
<-- sent packet Alert [(AlertLevel_Fatal,InternalError)]
*** Exception: FailedConnectionException2 "datamarket.accesscontrol.windows.net" 443 True <socket: 13>: hPutBuf: resource vanished (Broken pipe)
解释是:
- 客户端发送握手数据包
- 远程端关闭连接
- 客户端上引发的管道断开异常
- 客户端发送警报数据包以通知远程端内部错误(即管道中断异常(
- 客户端引发失败连接异常2
更新:您可以通过运行以下命令来完成相同的操作:
tls-simpleclient -d -v datamarket.accesscontrol.windows.net
TLS-simpleClient可以在 https://github.com/vincenthz/hs-tls 中找到