SSL：SSLV3_ALERT_HANDSHAKE_FAILURE FTPLib Python

我正在尝试使用 python 中的 ftplib 通过 LTS/SSL Explicit 连接到 FTPS 站点。由于某些原因，我不断收到 SSL: SSLV3_ALERT_HANDSHAKE_FAILURE 错误消息。然而，它使用 WinSCP 工作得很好。

我尝试了很多在互联网上阅读的不同选项，但没有任何效果。任何帮助/建议将不胜感激！

这是代码

ftp = FTP_TLS()
ftp.debugging = 2
ftp.connect('xxx.xxxx.xxx', 990)
ftp.auth()
ftp.prot_p()
ftp.login('username', 'password')

ssl.SSLError: \[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE\] sslv3 alert handshake failure (\_ssl.c:997)

Here is the server and protocol information I got from WinSCP
Remote system = UNIX Type: L8
File transfer protocol = FTP
Cryptographic protocol = TLS/SSL Explicit encryption, TLSv1
Encryption algorithm = SSLv3: DHE-RSA-AES256-SHA, 2048 bit RSA, DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1

我尝试设置特定的密码和不同的 ssl 协议版本

WinSCP 日志：

< 2023-04-06 21:34:57.065 Script: Connecting to xxx.xxx.xxx:990 ...
. 2023-04-06 21:34:57.065 Connecting to xxx.xxx.xxx:990 ...
. 2023-04-06 21:34:57.115 Connected with xxx.xxx.xxx:990, negotiating TLS connection...
< 2023-04-06 21:34:57.280 220 ProFTPD 1.3.2 Server (xxx.xxx.xxx) [::ffff:xxx.xxx.xxx]
> 2023-04-06 21:34:57.280 AUTH TLS
< 2023-04-06 21:34:57.326 234 AUTH TLS successful
. 2023-04-06 21:34:57.645 Verifying certificate for "Company" with fingerprint fa:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx: and 20 failures
. 2023-04-06 21:34:57.645 Certificate common name "xxx.xxx.xxx" matches hostname
. 2023-04-06 21:34:57.645 Certificate for "Company" matches configured fingerprint
. 2023-04-06 21:34:57.645 Using TLSv1, cipher SSLv3: DHE-RSA-AES256-SHA, 2048 bit RSA, DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
< 2023-04-06 21:34:57.645 Script: TLS connection established. Waiting for welcome message...
. 2023-04-06 21:34:57.645 TLS connection established. Waiting for welcome message...
> 2023-04-06 21:34:57.645 USER UserName
< 2023-04-06 21:34:57.698 331 Password required for UserName
> 2023-04-06 21:34:57.698 PASS ********
< 2023-04-06 21:34:57.795 230 User UserName logged in
> 2023-04-06 21:34:57.795 SYST
< 2023-04-06 21:34:57.841 215 UNIX Type: L8
> 2023-04-06 21:34:57.841 FEAT
< 2023-04-06 21:34:57.885 211-Features:
< 2023-04-06 21:34:57.885  MDTM
< 2023-04-06 21:34:57.885  MFMT
< 2023-04-06 21:34:57.885  AUTH TLS
< 2023-04-06 21:34:57.885  MFF modify;UNIX.group;UNIX.mode;
< 2023-04-06 21:34:57.885  MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
< 2023-04-06 21:34:57.885  PBSZ
< 2023-04-06 21:34:57.885  PROT
< 2023-04-06 21:34:57.885  REST STREAM
< 2023-04-06 21:34:57.885  SIZE
< 2023-04-06 21:34:57.979 211 End
> 2023-04-06 21:34:57.979 PBSZ 0
< 2023-04-06 21:34:58.023 200 PBSZ 0 successful
> 2023-04-06 21:34:58.023 PROT P
< 2023-04-06 21:34:58.067 200 Protection set to Private
< 2023-04-06 21:34:58.067 Script: Connected
. 2023-04-06 21:34:58.067 Connected

Python调试日志：

*get* '220 ProFTPD 1.3.2 Server (xxx.xxx.xxx) [::ffff:xxx.xxx.xxx]\n'
*resp* '220 ProFTPD 1.3.2 Server (xxx.xxx.xxx) [::ffff:xxx.xxx.xxx]'
*cmd* 'AUTH TLS'
*put* 'AUTH TLS\r\n'
*get* '234 AUTH TLS successful\n'
*resp* '234 AUTH TLS successful'
Traceback (most recent call last):
  File "C:\Path\Python\Sandbox_FTP_TLS_Explicit.py", line 17, in <module>
    ftp = connect()
  File "C:\Path\Python\Sandbox_FTP_TLS_Explicit.py", line 12, in connect
    ftp.auth()
  File "C:\Path\Python\Python310\lib\ftplib.py", line 756, in auth
    self.sock = self.context.wrap_socket(self.sock, server_hostname=self.host)
  File "C:\Path\Python\Python310\lib\ssl.py", line 513, in wrap_socket
    return self.sslsocket_class._create(
  File "C:\Path\Python\Python310\lib\ssl.py", line 1071, in _create
    self.do_handshake()
  File "C:\Path\Python\Python310\lib\ssl.py", line 1342, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:997)