Fix
This commit is contained in:
FongMi
parent
782cff1b90
commit
b4ed49a520
|
|
@ -3,13 +3,11 @@ package com.github.catvod.net;
|
||||||
import com.github.catvod.crawler.Spider;
|
import com.github.catvod.crawler.Spider;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.Arrays;
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.concurrent.TimeUnit;
|
import java.util.concurrent.TimeUnit;
|
||||||
|
|
||||||
import okhttp3.Call;
|
import okhttp3.Call;
|
||||||
import okhttp3.ConnectionSpec;
|
|
||||||
import okhttp3.Dns;
|
import okhttp3.Dns;
|
||||||
import okhttp3.Headers;
|
import okhttp3.Headers;
|
||||||
import okhttp3.OkHttpClient;
|
import okhttp3.OkHttpClient;
|
||||||
|
|
@ -38,7 +36,7 @@ public class OkHttp {
|
||||||
}
|
}
|
||||||
|
|
||||||
public static OkHttpClient.Builder getBuilder() {
|
public static OkHttpClient.Builder getBuilder() {
|
||||||
return new OkHttpClient.Builder().dns(safeDns()).readTimeout(30, TimeUnit.SECONDS).writeTimeout(30, TimeUnit.SECONDS).connectTimeout(30, TimeUnit.SECONDS).hostnameVerifier(SSLSocketFactoryCompat.hostnameVerifier).sslSocketFactory(new SSLSocketFactoryCompat(), SSLSocketFactoryCompat.trustAllCert);
|
return new OkHttpClient.Builder().dns(safeDns()).readTimeout(30, TimeUnit.SECONDS).writeTimeout(30, TimeUnit.SECONDS).connectTimeout(30, TimeUnit.SECONDS).hostnameVerifier(SSLCompat.VERIFIER).sslSocketFactory(new SSLCompat(), SSLCompat.TM);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static OkHttpClient client() {
|
public static OkHttpClient client() {
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,121 @@
|
||||||
|
package com.github.catvod.net;
|
||||||
|
|
||||||
|
import android.annotation.SuppressLint;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.InetAddress;
|
||||||
|
import java.net.Socket;
|
||||||
|
import java.security.cert.X509Certificate;
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.HashSet;
|
||||||
|
import java.util.LinkedList;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
import javax.net.ssl.HostnameVerifier;
|
||||||
|
import javax.net.ssl.HttpsURLConnection;
|
||||||
|
import javax.net.ssl.SSLContext;
|
||||||
|
import javax.net.ssl.SSLSocket;
|
||||||
|
import javax.net.ssl.SSLSocketFactory;
|
||||||
|
import javax.net.ssl.X509TrustManager;
|
||||||
|
|
||||||
|
public class SSLCompat extends SSLSocketFactory {
|
||||||
|
|
||||||
|
public static final HostnameVerifier VERIFIER = (hostname, session) -> true;
|
||||||
|
private static String[] cipherSuites;
|
||||||
|
private static String[] protocols;
|
||||||
|
private SSLSocketFactory factory;
|
||||||
|
|
||||||
|
static {
|
||||||
|
try {
|
||||||
|
SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
|
||||||
|
List<String> protocols = new LinkedList<>();
|
||||||
|
for (String protocol : socket.getSupportedProtocols()) if (!protocol.toUpperCase().contains("SSL")) protocols.add(protocol);
|
||||||
|
SSLCompat.protocols = protocols.toArray(new String[protocols.size()]);
|
||||||
|
List<String> allowedCiphers = Arrays.asList("TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECHDE_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
|
||||||
|
List<String> availableCiphers = Arrays.asList(socket.getSupportedCipherSuites());
|
||||||
|
HashSet<String> preferredCiphers = new HashSet<>(allowedCiphers);
|
||||||
|
preferredCiphers.retainAll(availableCiphers);
|
||||||
|
preferredCiphers.addAll(new HashSet<>(Arrays.asList(socket.getEnabledCipherSuites())));
|
||||||
|
SSLCompat.cipherSuites = preferredCiphers.toArray(new String[preferredCiphers.size()]);
|
||||||
|
} catch (IOException e) {
|
||||||
|
e.printStackTrace();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public SSLCompat() {
|
||||||
|
try {
|
||||||
|
SSLContext context = SSLContext.getInstance("TLS");
|
||||||
|
context.init(null, new X509TrustManager[]{TM}, null);
|
||||||
|
HttpsURLConnection.setDefaultSSLSocketFactory(factory = context.getSocketFactory());
|
||||||
|
} catch (Exception e) {
|
||||||
|
e.printStackTrace();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String[] getDefaultCipherSuites() {
|
||||||
|
return cipherSuites;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String[] getSupportedCipherSuites() {
|
||||||
|
return cipherSuites;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
|
||||||
|
Socket ssl = factory.createSocket(s, host, port, autoClose);
|
||||||
|
if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
|
||||||
|
return ssl;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Socket createSocket(String host, int port) throws IOException {
|
||||||
|
Socket ssl = factory.createSocket(host, port);
|
||||||
|
if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
|
||||||
|
return ssl;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException {
|
||||||
|
Socket ssl = factory.createSocket(host, port, localHost, localPort);
|
||||||
|
if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
|
||||||
|
return ssl;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Socket createSocket(InetAddress host, int port) throws IOException {
|
||||||
|
Socket ssl = factory.createSocket(host, port);
|
||||||
|
if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
|
||||||
|
return ssl;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
|
||||||
|
Socket ssl = factory.createSocket(address, port, localAddress, localPort);
|
||||||
|
if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
|
||||||
|
return ssl;
|
||||||
|
}
|
||||||
|
|
||||||
|
private void upgradeTLS(SSLSocket ssl) {
|
||||||
|
if (protocols != null) ssl.setEnabledProtocols(protocols);
|
||||||
|
if (cipherSuites != null) ssl.setEnabledCipherSuites(cipherSuites);
|
||||||
|
}
|
||||||
|
|
||||||
|
@SuppressLint({"TrustAllX509TrustManager", "CustomX509TrustManager"})
|
||||||
|
public static final X509TrustManager TM = new X509TrustManager() {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void checkClientTrusted(X509Certificate[] chain, String authType) {
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void checkServerTrusted(X509Certificate[] chain, String authType) {
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public X509Certificate[] getAcceptedIssuers() {
|
||||||
|
return new X509Certificate[]{};
|
||||||
|
}
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
@ -1,128 +0,0 @@
|
||||||
package com.github.catvod.net;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.net.InetAddress;
|
|
||||||
import java.net.Socket;
|
|
||||||
import java.security.GeneralSecurityException;
|
|
||||||
import java.security.cert.X509Certificate;
|
|
||||||
import java.util.Arrays;
|
|
||||||
import java.util.HashSet;
|
|
||||||
import java.util.LinkedList;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
import javax.net.ssl.HostnameVerifier;
|
|
||||||
import javax.net.ssl.HttpsURLConnection;
|
|
||||||
import javax.net.ssl.SSLContext;
|
|
||||||
import javax.net.ssl.SSLSocket;
|
|
||||||
import javax.net.ssl.SSLSocketFactory;
|
|
||||||
import javax.net.ssl.X509TrustManager;
|
|
||||||
|
|
||||||
public class SSLSocketFactoryCompat extends SSLSocketFactory {
|
|
||||||
|
|
||||||
public static final HostnameVerifier hostnameVerifier = (hostname, session) -> true;
|
|
||||||
|
|
||||||
public static final X509TrustManager trustAllCert = new X509TrustManager() {
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void checkClientTrusted(X509Certificate[] chain, String authType) {
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void checkServerTrusted(X509Certificate[] chain, String authType) {
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public X509Certificate[] getAcceptedIssuers() {
|
|
||||||
return new X509Certificate[]{};
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
static String[] protocols = null;
|
|
||||||
static String[] cipherSuites = null;
|
|
||||||
|
|
||||||
static {
|
|
||||||
try {
|
|
||||||
SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
|
|
||||||
if (socket != null) {
|
|
||||||
List<String> protocols = new LinkedList<>();
|
|
||||||
for (String protocol : socket.getSupportedProtocols()) if (!protocol.toUpperCase().contains("SSL")) protocols.add(protocol);
|
|
||||||
SSLSocketFactoryCompat.protocols = protocols.toArray(new String[protocols.size()]);
|
|
||||||
List<String> allowedCiphers = Arrays.asList("TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECHDE_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
|
|
||||||
List<String> availableCiphers = Arrays.asList(socket.getSupportedCipherSuites());
|
|
||||||
HashSet<String> preferredCiphers = new HashSet<>(allowedCiphers);
|
|
||||||
preferredCiphers.retainAll(availableCiphers);
|
|
||||||
preferredCiphers.addAll(new HashSet<>(Arrays.asList(socket.getEnabledCipherSuites())));
|
|
||||||
SSLSocketFactoryCompat.cipherSuites = preferredCiphers.toArray(new String[preferredCiphers.size()]);
|
|
||||||
}
|
|
||||||
} catch (IOException e) {
|
|
||||||
throw new RuntimeException(e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private final SSLSocketFactory defaultFactory;
|
|
||||||
|
|
||||||
public SSLSocketFactoryCompat() {
|
|
||||||
try {
|
|
||||||
SSLContext sslContext = SSLContext.getInstance("TLS");
|
|
||||||
sslContext.init(null, new X509TrustManager[]{SSLSocketFactoryCompat.trustAllCert}, null);
|
|
||||||
defaultFactory = sslContext.getSocketFactory();
|
|
||||||
HttpsURLConnection.setDefaultSSLSocketFactory(defaultFactory);
|
|
||||||
} catch (GeneralSecurityException e) {
|
|
||||||
throw new AssertionError();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void upgradeTLS(SSLSocket ssl) {
|
|
||||||
if (protocols != null) {
|
|
||||||
ssl.setEnabledProtocols(protocols);
|
|
||||||
}
|
|
||||||
if (cipherSuites != null) {
|
|
||||||
ssl.setEnabledCipherSuites(cipherSuites);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public String[] getDefaultCipherSuites() {
|
|
||||||
return cipherSuites;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public String[] getSupportedCipherSuites() {
|
|
||||||
return cipherSuites;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
|
|
||||||
Socket ssl = defaultFactory.createSocket(s, host, port, autoClose);
|
|
||||||
if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
|
|
||||||
return ssl;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Socket createSocket(String host, int port) throws IOException {
|
|
||||||
Socket ssl = defaultFactory.createSocket(host, port);
|
|
||||||
if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
|
|
||||||
return ssl;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException {
|
|
||||||
Socket ssl = defaultFactory.createSocket(host, port, localHost, localPort);
|
|
||||||
if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
|
|
||||||
return ssl;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Socket createSocket(InetAddress host, int port) throws IOException {
|
|
||||||
Socket ssl = defaultFactory.createSocket(host, port);
|
|
||||||
if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
|
|
||||||
return ssl;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
|
|
||||||
Socket ssl = defaultFactory.createSocket(address, port, localAddress, localPort);
|
|
||||||
if (ssl instanceof SSLSocket) upgradeTLS((SSLSocket) ssl);
|
|
||||||
return ssl;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Binary file not shown.
|
|
@ -1 +1 @@
|
||||||
c48e1d66048b6807ba74245339fc9143
|
821071667b7c38c3c3add081c58f4f32
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue