英文:
tls: oversized record received with length XXXXX
问题
我使用内置的标准SSL套接字客户端库(net + crypto/tls)的方式如下:
conn, err := net.Dial("tcp", "exploit.im:5222")
//...
config := tls.Config{InsecureSkipVerify: true}
tls_conn := tls.Client(conn, &config)
fmt.Println(tls_conn.Handshake())
我收到以下消息:
conn, err := net.Dial("tcp", "exploit.im:5222")
我设法找出它与默认的最大数据包大小有关(在common.go的第31行设置为16384 + 2048)。是否有任何标准的解决方法(而不需要修补此值并重新构建库)?
英文:
I use the built-in standard SSL socket client library (net + crypto/tls) like this:
conn, err := net.Dial("tcp", "exploit.im:5222")
//...
config := tls.Config{InsecureSkipVerify: true}
tls_conn := tls.Client(conn, &config)
fmt.Println(tls_conn.Handshake())
And am getting the message:
> conn, err := net.Dial("tcp", "exploit.im:5222")
I managed to find out it is somehow related to the default maximum packet size (16384 + 2048 set in common.go:31). Is there any standard work around (without patching this value & rebuilding the lib)?
答案1
得分: 3
如果您尝试与不回复 SSL 的对等方进行 SSL 握手,就会收到这种消息。在这种情况下,可能是某个 XMPP 服务器,并且在使用 XMPP 之前,您首先需要进行一些明文握手,然后再开始 SSL。试图直接启动 SSL 将导致将服务器的明文响应解释为 SSL 帧,从而可能导致出现此类奇怪的错误消息。
英文:
You get this kind of messages if you try to do a SSL handshake with a peer which does not reply with SSL. In this case it is probably some XMPP server and with XMPP you first have some clear text handshake before you start with SSL. Trying to start directly with SSL will result in interpreting the servers clear text response as an SSL frame which can result in strange error messages like this.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论