用 Python 下载公开课视频 提示 EOF occurred in violation of protocol 是 GFW 在捣乱?

2015-06-04 21:31:53 +08:00
 coiby

改写了一个公开课edX程序(实现从CDN cloudfront下载,从而避免翻墙,地址: https://github.com/Coiby/edx-downloader ),最近无法下载课程视频了,提示:
error: SSLError(8, '_ssl.c:510: EOF occurred in violation of protocol')

如果走VPS代理,就能正常下载了(比如视频地址 https://d2f1egay8yehza.cloudfront.net/MCGBDYXX/MCGBDYXXT115-V012000_DTH.mp4)。

请问下熟悉这领域的高手,这是GFW在作恶吗?如何判断?有什么解决方法?谢谢!

附上更多测试结果:

  1. 不走代理用wget下,提示:
    Resolving d2f1egay8yehza.cloudfront.net (d2f1egay8yehza.cloudfront.net)... 54.182.7.50, 54.182.2.187, 54.182.3.101, ...
    Connecting to d2f1egay8yehza.cloudfront.net(d2f1egay8yehza.cloudfront.net)|54.182.7.50|:443... connected.
    Unable to establish SSL connection.

  2. 用openssl(openssl s_client -connect d2f1egay8yehza.cloudfront.net:443 -tls1_2)得到的信息是:
    ```
    CONNECTED(00000003)

    140235657782944:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598:

    no peer certificate available

    No client certificate CA names sent

    SSL handshake has read 0 bytes and written 0 bytes

    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    SSL-Session:
    Protocol : TLSv1.2
    Cipher : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1433423574
    Timeout : 7200 (sec)

    Verify return code: 0 (ok)

  3. 如果走代理,执行上面的(openssl s_client -connect d2f1egay8yehza.cloudfront.net:443 -tls1_2)则是:
    ```
    CONNECTED(00000003)
    depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5
    verify error:num=20:unable to get local issuer certificate

    verify return:0

    Certificate chain
    0 s:/C=US/ST=Washington/L=Seattle/O=Amazon.com, Inc./CN=*.cloudfront.net
    i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3
    1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3
    i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
    2 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5

    i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority

    Server certificate
    -----BEGIN CERTIFICATE-----
    ...省略
    -----END CERTIFICATE-----
    subject=/C=US/ST=Washington/L=Seattle/O=Amazon.com, Inc./CN=*.cloudfront.net

    issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3

    No client certificate CA names sent

    SSL handshake has read 4727 bytes and written 421 bytes

    New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
    Server public key is 2048 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
    SSL-Session:
    ....省略
    Start Time: 1433423644
    Timeout : 7200 (sec)

    Verify return code: 20 (unable to get local issuer certificate)

559 次点击
所在节点    问与答
2 条回复
402645707
2015-06-05 16:58:38 +08:00
cf貌似在大陆的cdn几乎天天抽风被ban
lz可以试试香港的服务器
coiby
2015-06-08 20:32:36 +08:00
@402645707 多谢回复!

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/196178

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX