diff --git a/app/build.gradle b/app/build.gradle index 57db1869..fa87c62d 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -33,7 +33,7 @@ android { dependencies { implementation 'com.squareup.okhttp3:okhttp:3.12.13' - implementation 'com.google.code.gson:gson:2.9.1' + implementation 'com.google.code.gson:gson:2.8.6' implementation 'cn.wanghaomiao:JsoupXpath:2.5.1' implementation 'com.google.zxing:core:3.3.0' implementation 'org.jsoup:jsoup:1.15.3' diff --git a/app/src/main/java/com/github/catvod/net/OkHttpUtil.java b/app/src/main/java/com/github/catvod/net/OkHttpUtil.java index 010efb42..689617e2 100644 --- a/app/src/main/java/com/github/catvod/net/OkHttpUtil.java +++ b/app/src/main/java/com/github/catvod/net/OkHttpUtil.java @@ -24,7 +24,7 @@ public class OkHttpUtil { public static OkHttpClient defaultClient() { synchronized (lockO) { if (defaultClient == null) { - OkHttpClient.Builder builder = new OkHttpClient.Builder().dns(safeDns()).readTimeout(DEFAULT_TIMEOUT, TimeUnit.SECONDS).writeTimeout(DEFAULT_TIMEOUT, TimeUnit.SECONDS).connectTimeout(DEFAULT_TIMEOUT, TimeUnit.SECONDS).retryOnConnectionFailure(true).sslSocketFactory(new SSLSocketFactoryCompat(), SSLSocketFactoryCompat.trustAllCert); + OkHttpClient.Builder builder = new OkHttpClient.Builder().dns(safeDns()).readTimeout(DEFAULT_TIMEOUT, TimeUnit.SECONDS).writeTimeout(DEFAULT_TIMEOUT, TimeUnit.SECONDS).connectTimeout(DEFAULT_TIMEOUT, TimeUnit.SECONDS).retryOnConnectionFailure(true).hostnameVerifier(SSLSocketFactoryCompat.hostnameVerifier).sslSocketFactory(new SSLSocketFactoryCompat(), SSLSocketFactoryCompat.trustAllCert); defaultClient = builder.build(); } return defaultClient; diff --git a/app/src/main/java/com/github/catvod/net/SSLSocketFactoryCompat.java b/app/src/main/java/com/github/catvod/net/SSLSocketFactoryCompat.java index 13b8c2f1..f8db4608 100644 --- a/app/src/main/java/com/github/catvod/net/SSLSocketFactoryCompat.java +++ b/app/src/main/java/com/github/catvod/net/SSLSocketFactoryCompat.java @@ -5,9 +5,13 @@ import java.net.InetAddress; import java.net.Socket; import java.security.GeneralSecurityException; import java.security.cert.X509Certificate; +import java.util.Arrays; +import java.util.HashSet; import java.util.LinkedList; import java.util.List; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; @@ -15,6 +19,8 @@ import javax.net.ssl.X509TrustManager; public class SSLSocketFactoryCompat extends SSLSocketFactory { + public static final HostnameVerifier hostnameVerifier = (hostname, session) -> true; + public static final X509TrustManager trustAllCert = new X509TrustManager() { @Override @@ -41,6 +47,12 @@ public class SSLSocketFactoryCompat extends SSLSocketFactory { List protocols = new LinkedList<>(); for (String protocol : socket.getSupportedProtocols()) if (!protocol.toUpperCase().contains("SSL")) protocols.add(protocol); SSLSocketFactoryCompat.protocols = protocols.toArray(new String[protocols.size()]); + List allowedCiphers = Arrays.asList("TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECHDE_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"); + List availableCiphers = Arrays.asList(socket.getSupportedCipherSuites()); + HashSet preferredCiphers = new HashSet<>(allowedCiphers); + preferredCiphers.retainAll(availableCiphers); + preferredCiphers.addAll(new HashSet<>(Arrays.asList(socket.getEnabledCipherSuites()))); + SSLSocketFactoryCompat.cipherSuites = preferredCiphers.toArray(new String[preferredCiphers.size()]); } } catch (IOException e) { throw new RuntimeException(e); @@ -54,8 +66,9 @@ public class SSLSocketFactoryCompat extends SSLSocketFactory { SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new X509TrustManager[]{SSLSocketFactoryCompat.trustAllCert}, null); defaultFactory = sslContext.getSocketFactory(); + HttpsURLConnection.setDefaultSSLSocketFactory(defaultFactory); } catch (GeneralSecurityException e) { - throw new AssertionError(); // The system has no TLS. Just give up. + throw new AssertionError(); } } @@ -63,6 +76,9 @@ public class SSLSocketFactoryCompat extends SSLSocketFactory { if (protocols != null) { ssl.setEnabledProtocols(protocols); } + if (cipherSuites != null) { + ssl.setEnabledCipherSuites(cipherSuites); + } } @Override diff --git a/jar/custom_spider.jar b/jar/custom_spider.jar index 393e0f84..da1b51ea 100644 Binary files a/jar/custom_spider.jar and b/jar/custom_spider.jar differ diff --git a/jar/custom_spider.jar.md5 b/jar/custom_spider.jar.md5 index b87ac875..02919a8d 100644 --- a/jar/custom_spider.jar.md5 +++ b/jar/custom_spider.jar.md5 @@ -1 +1 @@ -0253ba01e6a8e8f11716139823b8baab +e889b257fb9dbaf519f3c095231c12ea