Last active
September 4, 2018 10:18
-
-
Save AoEiuV020/20a58779d0817b9d2c9c22d9768cb813 to your computer and use it in GitHub Desktop.
解决安卓4.4下okhttp3用https各种坑,
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package cc.aoeiuv020.demo | |
| import android.os.Build | |
| import okhttp3.Request | |
| import org.junit.Assert.fail | |
| import org.junit.Test | |
| import javax.net.ssl.SSLHandshakeException | |
| /** | |
| * Created by AoEiuV020 on 2018.09.04-15:19:30. | |
| */ | |
| class HttpsTest { | |
| @Test | |
| fun sslv3() { | |
| get("https://lnovel.cc") | |
| get("https://www.shangshu.cc") | |
| } | |
| @Test | |
| fun clearText() { | |
| // 这网站可能超时, | |
| get("https://www.haxds.com") | |
| } | |
| @Test | |
| fun timeout() { | |
| // 这个可能是墙内上不去了, | |
| // get("https://www.gxwztv.com") | |
| } | |
| @Test | |
| fun trust() { | |
| // 这个厂商不受android4.4信任,内置浏览器也是报错的, | |
| /* | |
| issuer: C=CN,O=TrustAsia Technologies\, Inc.,OU=Domain Validated SSL,CN=TrustAsia TLS RSA CA G8 | |
| */ | |
| try { | |
| get("https://www.zhuishu.tw") | |
| if (Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP) { | |
| fail() | |
| } | |
| } catch (e: SSLHandshakeException) { | |
| if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { | |
| fail() | |
| } | |
| } | |
| } | |
| @Test | |
| fun novel() { | |
| get("https://www.lread.net") | |
| get("https://www.biqubao.com") | |
| get("https://www.miaobige.com") | |
| get("https://www.qidian.com") | |
| get("https://www.exiaoshuo.cc") | |
| get("https://www.snwx8.com") | |
| get("https://www.yssm.org") | |
| get("https://www.liewen.cc") | |
| get("https://www.wenxuemi.com") | |
| get("https://www.qingkan9.com") | |
| get("https://www.7dsw.com") | |
| get("https://www.piaotian.com") | |
| get("https://www.ymoxuan.com") | |
| get("https://www.bqg5200.com") | |
| get("https://www.kuxiaoshuo.com") | |
| get("https://www.x23us.com") | |
| get("https://www.zwdu.com") | |
| } | |
| private fun get(url: String) { | |
| okhttpGet(url) | |
| } | |
| private fun okhttpGet(url: String) { | |
| val body = Request.Builder() | |
| .url(url) | |
| .build() | |
| .let { baseClient.newCall(it) } | |
| .execute() | |
| .body() | |
| .let { requireNotNull(it) } | |
| .string() | |
| println(body.take(200)) | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package cc.aoeiuv020.demo | |
| import android.annotation.SuppressLint | |
| import cc.aoeiuv020.demo.ssl.TLSSocketFactory | |
| import okhttp3.CipherSuite | |
| import okhttp3.ConnectionSpec | |
| import okhttp3.OkHttpClient | |
| import java.security.KeyStore | |
| import java.security.cert.X509Certificate | |
| import javax.net.ssl.TrustManagerFactory | |
| import javax.net.ssl.X509TrustManager | |
| /** | |
| * Created by AoEiuV020 on 2018.09.04-17:49:06. | |
| */ | |
| @Suppress("unused") | |
| val trustAllManager: X509TrustManager = object : X509TrustManager { | |
| @SuppressLint("TrustAllX509TrustManager") | |
| override fun checkClientTrusted(chain: Array<out X509Certificate>?, authType: String?) { | |
| } | |
| @SuppressLint("TrustAllX509TrustManager") | |
| override fun checkServerTrusted(chain: Array<out X509Certificate>?, authType: String?) { | |
| } | |
| override fun getAcceptedIssuers(): Array<X509Certificate> { | |
| return emptyArray() | |
| } | |
| } | |
| private val trustManager: X509TrustManager = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()) | |
| .apply { init(null as KeyStore?) } | |
| .trustManagers | |
| .first { | |
| it is X509TrustManager | |
| } as X509TrustManager | |
| // https://github.com/square/okhttp/issues/4053 | |
| // Add legacy cipher suite for Android 4 | |
| private val cipherSuites = ConnectionSpec.MODERN_TLS.cipherSuites() | |
| .orEmpty() | |
| .toMutableList().apply { | |
| if (!contains(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA)) { | |
| /* | |
| javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb88ec0b0: Failure in SSL library, usually a protocol error | |
| error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x98947990:0x00000000) | |
| */ | |
| add(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA) | |
| } | |
| } | |
| private val spec = ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) | |
| .cipherSuites(*cipherSuites.toTypedArray()) | |
| .build() | |
| /** | |
| * 私有,外部不要用,不要改了这个builder, 需要时baseClient.newBuilder(), | |
| */ | |
| private val baseClientBuilder: OkHttpClient.Builder by lazy { | |
| OkHttpClient.Builder() | |
| // cleartext要明确指定, | |
| .connectionSpecs(listOf(spec, ConnectionSpec.CLEARTEXT)) | |
| .sslSocketFactory((TLSSocketFactory(trustManager)), trustManager) | |
| } | |
| val baseClient = baseClientBuilder | |
| .build() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
repo